118f6290aSShashi Mallela /* 218f6290aSShashi Mallela * ITS emulation for a GICv3-based system 318f6290aSShashi Mallela * 418f6290aSShashi Mallela * Copyright Linaro.org 2021 518f6290aSShashi Mallela * 618f6290aSShashi Mallela * Authors: 718f6290aSShashi Mallela * Shashi Mallela <shashi.mallela@linaro.org> 818f6290aSShashi Mallela * 918f6290aSShashi Mallela * This work is licensed under the terms of the GNU GPL, version 2 or (at your 1018f6290aSShashi Mallela * option) any later version. See the COPYING file in the top-level directory. 1118f6290aSShashi Mallela * 1218f6290aSShashi Mallela */ 1318f6290aSShashi Mallela 1418f6290aSShashi Mallela #include "qemu/osdep.h" 1518f6290aSShashi Mallela #include "qemu/log.h" 16195209d3SPeter Maydell #include "trace.h" 1718f6290aSShashi Mallela #include "hw/qdev-properties.h" 1818f6290aSShashi Mallela #include "hw/intc/arm_gicv3_its_common.h" 1918f6290aSShashi Mallela #include "gicv3_internal.h" 2018f6290aSShashi Mallela #include "qom/object.h" 2118f6290aSShashi Mallela #include "qapi/error.h" 2218f6290aSShashi Mallela 2318f6290aSShashi Mallela typedef struct GICv3ITSClass GICv3ITSClass; 2418f6290aSShashi Mallela /* This is reusing the GICv3ITSState typedef from ARM_GICV3_ITS_COMMON */ 2518f6290aSShashi Mallela DECLARE_OBJ_CHECKERS(GICv3ITSState, GICv3ITSClass, 2618f6290aSShashi Mallela ARM_GICV3_ITS, TYPE_ARM_GICV3_ITS) 2718f6290aSShashi Mallela 2818f6290aSShashi Mallela struct GICv3ITSClass { 2918f6290aSShashi Mallela GICv3ITSCommonClass parent_class; 3018f6290aSShashi Mallela void (*parent_reset)(DeviceState *dev); 3118f6290aSShashi Mallela }; 3218f6290aSShashi Mallela 33c694cb4cSShashi Mallela /* 34c694cb4cSShashi Mallela * This is an internal enum used to distinguish between LPI triggered 35c694cb4cSShashi Mallela * via command queue and LPI triggered via gits_translater write. 36c694cb4cSShashi Mallela */ 37c694cb4cSShashi Mallela typedef enum ItsCmdType { 38c694cb4cSShashi Mallela NONE = 0, /* internal indication for GITS_TRANSLATER write */ 39c694cb4cSShashi Mallela CLEAR = 1, 40c694cb4cSShashi Mallela DISCARD = 2, 41c694cb4cSShashi Mallela INTERRUPT = 3, 42c694cb4cSShashi Mallela } ItsCmdType; 43c694cb4cSShashi Mallela 44c694cb4cSShashi Mallela typedef struct { 45c694cb4cSShashi Mallela uint32_t iteh; 46c694cb4cSShashi Mallela uint64_t itel; 47c694cb4cSShashi Mallela } IteEntry; 48c694cb4cSShashi Mallela 494acf93e1SPeter Maydell typedef struct DTEntry { 504acf93e1SPeter Maydell bool valid; 514acf93e1SPeter Maydell unsigned size; 524acf93e1SPeter Maydell uint64_t ittaddr; 534acf93e1SPeter Maydell } DTEntry; 544acf93e1SPeter Maydell 55d37cf49bSPeter Maydell typedef struct CTEntry { 56d37cf49bSPeter Maydell bool valid; 57d37cf49bSPeter Maydell uint32_t rdbase; 58d37cf49bSPeter Maydell } CTEntry; 59d37cf49bSPeter Maydell 60*244194feSPeter Maydell typedef struct ITEntry { 61*244194feSPeter Maydell bool valid; 62*244194feSPeter Maydell int inttype; 63*244194feSPeter Maydell uint32_t intid; 64*244194feSPeter Maydell uint32_t doorbell; 65*244194feSPeter Maydell uint32_t icid; 66*244194feSPeter Maydell uint32_t vpeid; 67*244194feSPeter Maydell } ITEntry; 68*244194feSPeter Maydell 69*244194feSPeter Maydell 70ef011555SPeter Maydell /* 71ef011555SPeter Maydell * The ITS spec permits a range of CONSTRAINED UNPREDICTABLE options 72ef011555SPeter Maydell * if a command parameter is not correct. These include both "stall 73ef011555SPeter Maydell * processing of the command queue" and "ignore this command, and 74ef011555SPeter Maydell * keep processing the queue". In our implementation we choose that 75ef011555SPeter Maydell * memory transaction errors reading the command packet provoke a 76ef011555SPeter Maydell * stall, but errors in parameters cause us to ignore the command 77ef011555SPeter Maydell * and continue processing. 78ef011555SPeter Maydell * The process_* functions which handle individual ITS commands all 79ef011555SPeter Maydell * return an ItsCmdResult which tells process_cmdq() whether it should 80ef011555SPeter Maydell * stall or keep going. 81ef011555SPeter Maydell */ 82ef011555SPeter Maydell typedef enum ItsCmdResult { 83ef011555SPeter Maydell CMD_STALL = 0, 84ef011555SPeter Maydell CMD_CONTINUE = 1, 85ef011555SPeter Maydell } ItsCmdResult; 86ef011555SPeter Maydell 871b08e436SShashi Mallela static uint64_t baser_base_addr(uint64_t value, uint32_t page_sz) 881b08e436SShashi Mallela { 891b08e436SShashi Mallela uint64_t result = 0; 901b08e436SShashi Mallela 911b08e436SShashi Mallela switch (page_sz) { 921b08e436SShashi Mallela case GITS_PAGE_SIZE_4K: 931b08e436SShashi Mallela case GITS_PAGE_SIZE_16K: 941b08e436SShashi Mallela result = FIELD_EX64(value, GITS_BASER, PHYADDR) << 12; 951b08e436SShashi Mallela break; 961b08e436SShashi Mallela 971b08e436SShashi Mallela case GITS_PAGE_SIZE_64K: 981b08e436SShashi Mallela result = FIELD_EX64(value, GITS_BASER, PHYADDRL_64K) << 16; 991b08e436SShashi Mallela result |= FIELD_EX64(value, GITS_BASER, PHYADDRH_64K) << 48; 1001b08e436SShashi Mallela break; 1011b08e436SShashi Mallela 1021b08e436SShashi Mallela default: 1031b08e436SShashi Mallela break; 1041b08e436SShashi Mallela } 1051b08e436SShashi Mallela return result; 1061b08e436SShashi Mallela } 1071b08e436SShashi Mallela 108d050f80fSPeter Maydell static uint64_t table_entry_addr(GICv3ITSState *s, TableDesc *td, 109d050f80fSPeter Maydell uint32_t idx, MemTxResult *res) 110d050f80fSPeter Maydell { 111d050f80fSPeter Maydell /* 112d050f80fSPeter Maydell * Given a TableDesc describing one of the ITS in-guest-memory 113d050f80fSPeter Maydell * tables and an index into it, return the guest address 114d050f80fSPeter Maydell * corresponding to that table entry. 115d050f80fSPeter Maydell * If there was a memory error reading the L1 table of an 116d050f80fSPeter Maydell * indirect table, *res is set accordingly, and we return -1. 117d050f80fSPeter Maydell * If the L1 table entry is marked not valid, we return -1 with 118d050f80fSPeter Maydell * *res set to MEMTX_OK. 119d050f80fSPeter Maydell * 120d050f80fSPeter Maydell * The specification defines the format of level 1 entries of a 121d050f80fSPeter Maydell * 2-level table, but the format of level 2 entries and the format 122d050f80fSPeter Maydell * of flat-mapped tables is IMPDEF. 123d050f80fSPeter Maydell */ 124d050f80fSPeter Maydell AddressSpace *as = &s->gicv3->dma_as; 125d050f80fSPeter Maydell uint32_t l2idx; 126d050f80fSPeter Maydell uint64_t l2; 127d050f80fSPeter Maydell uint32_t num_l2_entries; 128d050f80fSPeter Maydell 129d050f80fSPeter Maydell *res = MEMTX_OK; 130d050f80fSPeter Maydell 131d050f80fSPeter Maydell if (!td->indirect) { 132d050f80fSPeter Maydell /* Single level table */ 133d050f80fSPeter Maydell return td->base_addr + idx * td->entry_sz; 134d050f80fSPeter Maydell } 135d050f80fSPeter Maydell 136d050f80fSPeter Maydell /* Two level table */ 137d050f80fSPeter Maydell l2idx = idx / (td->page_sz / L1TABLE_ENTRY_SIZE); 138d050f80fSPeter Maydell 139d050f80fSPeter Maydell l2 = address_space_ldq_le(as, 140d050f80fSPeter Maydell td->base_addr + (l2idx * L1TABLE_ENTRY_SIZE), 141d050f80fSPeter Maydell MEMTXATTRS_UNSPECIFIED, res); 142d050f80fSPeter Maydell if (*res != MEMTX_OK) { 143d050f80fSPeter Maydell return -1; 144d050f80fSPeter Maydell } 145d050f80fSPeter Maydell if (!(l2 & L2_TABLE_VALID_MASK)) { 146d050f80fSPeter Maydell return -1; 147d050f80fSPeter Maydell } 148d050f80fSPeter Maydell 149d050f80fSPeter Maydell num_l2_entries = td->page_sz / td->entry_sz; 150d050f80fSPeter Maydell return (l2 & ((1ULL << 51) - 1)) + (idx % num_l2_entries) * td->entry_sz; 151d050f80fSPeter Maydell } 152d050f80fSPeter Maydell 153d37cf49bSPeter Maydell /* 154d37cf49bSPeter Maydell * Read the Collection Table entry at index @icid. On success (including 155d37cf49bSPeter Maydell * successfully determining that there is no valid CTE for this index), 156d37cf49bSPeter Maydell * we return MEMTX_OK and populate the CTEntry struct @cte accordingly. 157d37cf49bSPeter Maydell * If there is an error reading memory then we return the error code. 158d37cf49bSPeter Maydell */ 159d37cf49bSPeter Maydell static MemTxResult get_cte(GICv3ITSState *s, uint16_t icid, CTEntry *cte) 160c694cb4cSShashi Mallela { 161c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 162d37cf49bSPeter Maydell MemTxResult res = MEMTX_OK; 163d37cf49bSPeter Maydell uint64_t entry_addr = table_entry_addr(s, &s->ct, icid, &res); 164d37cf49bSPeter Maydell uint64_t cteval; 165c694cb4cSShashi Mallela 166d050f80fSPeter Maydell if (entry_addr == -1) { 167d37cf49bSPeter Maydell /* No L2 table entry, i.e. no valid CTE, or a memory error */ 168d37cf49bSPeter Maydell cte->valid = false; 169d37cf49bSPeter Maydell return res; 170c694cb4cSShashi Mallela } 171c694cb4cSShashi Mallela 172d37cf49bSPeter Maydell cteval = address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, &res); 173d37cf49bSPeter Maydell if (res != MEMTX_OK) { 174d37cf49bSPeter Maydell return res; 175d37cf49bSPeter Maydell } 176d37cf49bSPeter Maydell cte->valid = FIELD_EX64(cteval, CTE, VALID); 177d37cf49bSPeter Maydell cte->rdbase = FIELD_EX64(cteval, CTE, RDBASE); 178d37cf49bSPeter Maydell return MEMTX_OK; 179c694cb4cSShashi Mallela } 180c694cb4cSShashi Mallela 1814acf93e1SPeter Maydell static bool update_ite(GICv3ITSState *s, uint32_t eventid, const DTEntry *dte, 182c694cb4cSShashi Mallela IteEntry ite) 183c694cb4cSShashi Mallela { 184c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 185c694cb4cSShashi Mallela MemTxResult res = MEMTX_OK; 186a1ce993dSPeter Maydell hwaddr iteaddr = dte->ittaddr + eventid * ITS_ITT_ENTRY_SIZE; 187c694cb4cSShashi Mallela 188a1ce993dSPeter Maydell address_space_stq_le(as, iteaddr, ite.itel, MEMTXATTRS_UNSPECIFIED, &res); 189c694cb4cSShashi Mallela 190c694cb4cSShashi Mallela if (res == MEMTX_OK) { 191a1ce993dSPeter Maydell address_space_stl_le(as, iteaddr + 8, ite.iteh, 192c694cb4cSShashi Mallela MEMTXATTRS_UNSPECIFIED, &res); 193c694cb4cSShashi Mallela } 194c694cb4cSShashi Mallela if (res != MEMTX_OK) { 195c694cb4cSShashi Mallela return false; 196c694cb4cSShashi Mallela } else { 197c694cb4cSShashi Mallela return true; 198c694cb4cSShashi Mallela } 199c694cb4cSShashi Mallela } 200c694cb4cSShashi Mallela 201*244194feSPeter Maydell /* 202*244194feSPeter Maydell * Read the Interrupt Table entry at index @eventid from the table specified 203*244194feSPeter Maydell * by the DTE @dte. On success, we return MEMTX_OK and populate the ITEntry 204*244194feSPeter Maydell * struct @ite accordingly. If there is an error reading memory then we return 205*244194feSPeter Maydell * the error code. 206*244194feSPeter Maydell */ 207*244194feSPeter Maydell static MemTxResult get_ite(GICv3ITSState *s, uint32_t eventid, 208*244194feSPeter Maydell const DTEntry *dte, ITEntry *ite) 209c694cb4cSShashi Mallela { 210c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 211*244194feSPeter Maydell MemTxResult res = MEMTX_OK; 212*244194feSPeter Maydell uint64_t itel; 213*244194feSPeter Maydell uint32_t iteh; 214a1ce993dSPeter Maydell hwaddr iteaddr = dte->ittaddr + eventid * ITS_ITT_ENTRY_SIZE; 215c694cb4cSShashi Mallela 216*244194feSPeter Maydell itel = address_space_ldq_le(as, iteaddr, MEMTXATTRS_UNSPECIFIED, &res); 217*244194feSPeter Maydell if (res != MEMTX_OK) { 218*244194feSPeter Maydell return res; 2192954b93fSPeter Maydell } 220c694cb4cSShashi Mallela 221*244194feSPeter Maydell iteh = address_space_ldl_le(as, iteaddr + 8, MEMTXATTRS_UNSPECIFIED, &res); 222*244194feSPeter Maydell if (res != MEMTX_OK) { 223*244194feSPeter Maydell return res; 2242954b93fSPeter Maydell } 225c694cb4cSShashi Mallela 226*244194feSPeter Maydell ite->valid = FIELD_EX64(itel, ITE_L, VALID); 227*244194feSPeter Maydell ite->inttype = FIELD_EX64(itel, ITE_L, INTTYPE); 228*244194feSPeter Maydell ite->intid = FIELD_EX64(itel, ITE_L, INTID); 229*244194feSPeter Maydell ite->icid = FIELD_EX64(itel, ITE_L, ICID); 230*244194feSPeter Maydell ite->vpeid = FIELD_EX64(itel, ITE_L, VPEID); 231*244194feSPeter Maydell ite->doorbell = FIELD_EX64(iteh, ITE_H, DOORBELL); 232*244194feSPeter Maydell return MEMTX_OK; 233c694cb4cSShashi Mallela } 234c694cb4cSShashi Mallela 2354acf93e1SPeter Maydell /* 2364acf93e1SPeter Maydell * Read the Device Table entry at index @devid. On success (including 2374acf93e1SPeter Maydell * successfully determining that there is no valid DTE for this index), 2384acf93e1SPeter Maydell * we return MEMTX_OK and populate the DTEntry struct accordingly. 2394acf93e1SPeter Maydell * If there is an error reading memory then we return the error code. 2404acf93e1SPeter Maydell */ 2414acf93e1SPeter Maydell static MemTxResult get_dte(GICv3ITSState *s, uint32_t devid, DTEntry *dte) 242c694cb4cSShashi Mallela { 2434acf93e1SPeter Maydell MemTxResult res = MEMTX_OK; 244c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 2454acf93e1SPeter Maydell uint64_t entry_addr = table_entry_addr(s, &s->dt, devid, &res); 2464acf93e1SPeter Maydell uint64_t dteval; 247c694cb4cSShashi Mallela 248d050f80fSPeter Maydell if (entry_addr == -1) { 2494acf93e1SPeter Maydell /* No L2 table entry, i.e. no valid DTE, or a memory error */ 2504acf93e1SPeter Maydell dte->valid = false; 2514acf93e1SPeter Maydell return res; 252c694cb4cSShashi Mallela } 2534acf93e1SPeter Maydell dteval = address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, &res); 2544acf93e1SPeter Maydell if (res != MEMTX_OK) { 2554acf93e1SPeter Maydell return res; 2564acf93e1SPeter Maydell } 2574acf93e1SPeter Maydell dte->valid = FIELD_EX64(dteval, DTE, VALID); 2584acf93e1SPeter Maydell dte->size = FIELD_EX64(dteval, DTE, SIZE); 2594acf93e1SPeter Maydell /* DTE word field stores bits [51:8] of the ITT address */ 2604acf93e1SPeter Maydell dte->ittaddr = FIELD_EX64(dteval, DTE, ITTADDR) << ITTADDR_SHIFT; 2614acf93e1SPeter Maydell return MEMTX_OK; 262c694cb4cSShashi Mallela } 263c694cb4cSShashi Mallela 264c694cb4cSShashi Mallela /* 265c694cb4cSShashi Mallela * This function handles the processing of following commands based on 266c694cb4cSShashi Mallela * the ItsCmdType parameter passed:- 267c694cb4cSShashi Mallela * 1. triggering of lpi interrupt translation via ITS INT command 268c694cb4cSShashi Mallela * 2. triggering of lpi interrupt translation via gits_translater register 269c694cb4cSShashi Mallela * 3. handling of ITS CLEAR command 270c694cb4cSShashi Mallela * 4. handling of ITS DISCARD command 271c694cb4cSShashi Mallela */ 272b6f96009SPeter Maydell static ItsCmdResult do_process_its_cmd(GICv3ITSState *s, uint32_t devid, 273b6f96009SPeter Maydell uint32_t eventid, ItsCmdType cmd) 274c694cb4cSShashi Mallela { 2758f809f69SPeter Maydell uint64_t num_eventids; 2764acf93e1SPeter Maydell DTEntry dte; 277d37cf49bSPeter Maydell CTEntry cte; 278*244194feSPeter Maydell ITEntry ite; 279c694cb4cSShashi Mallela 2808b8bb014SPeter Maydell if (devid >= s->dt.num_entries) { 281b13148d9SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 282b13148d9SPeter Maydell "%s: invalid command attributes: devid %d>=%d", 2838b8bb014SPeter Maydell __func__, devid, s->dt.num_entries); 284b13148d9SPeter Maydell return CMD_CONTINUE; 285b13148d9SPeter Maydell } 286b13148d9SPeter Maydell 2874acf93e1SPeter Maydell if (get_dte(s, devid, &dte) != MEMTX_OK) { 288593a7cc2SPeter Maydell return CMD_STALL; 289c694cb4cSShashi Mallela } 2904acf93e1SPeter Maydell if (!dte.valid) { 291229c57b1SAlex Bennée qemu_log_mask(LOG_GUEST_ERROR, 292229c57b1SAlex Bennée "%s: invalid command attributes: " 2934acf93e1SPeter Maydell "invalid dte for %d\n", __func__, devid); 294593a7cc2SPeter Maydell return CMD_CONTINUE; 295c694cb4cSShashi Mallela } 296c694cb4cSShashi Mallela 2974acf93e1SPeter Maydell num_eventids = 1ULL << (dte.size + 1); 298b13148d9SPeter Maydell if (eventid >= num_eventids) { 299b13148d9SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 300b13148d9SPeter Maydell "%s: invalid command attributes: eventid %d >= %" 301b13148d9SPeter Maydell PRId64 "\n", 302b13148d9SPeter Maydell __func__, eventid, num_eventids); 303b13148d9SPeter Maydell return CMD_CONTINUE; 304b13148d9SPeter Maydell } 305b13148d9SPeter Maydell 306*244194feSPeter Maydell if (get_ite(s, eventid, &dte, &ite) != MEMTX_OK) { 307be0ed8fbSPeter Maydell return CMD_STALL; 308be0ed8fbSPeter Maydell } 309be0ed8fbSPeter Maydell 310*244194feSPeter Maydell if (!ite.valid || ite.inttype != ITE_INTTYPE_PHYSICAL) { 311be0ed8fbSPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 312be0ed8fbSPeter Maydell "%s: invalid command attributes: invalid ITE\n", 313be0ed8fbSPeter Maydell __func__); 314be0ed8fbSPeter Maydell return CMD_CONTINUE; 315be0ed8fbSPeter Maydell } 316be0ed8fbSPeter Maydell 317*244194feSPeter Maydell if (ite.icid >= s->ct.num_entries) { 31858b88779SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 31958b88779SPeter Maydell "%s: invalid ICID 0x%x in ITE (table corrupted?)\n", 320*244194feSPeter Maydell __func__, ite.icid); 32158b88779SPeter Maydell return CMD_CONTINUE; 32258b88779SPeter Maydell } 32358b88779SPeter Maydell 324*244194feSPeter Maydell if (get_cte(s, ite.icid, &cte) != MEMTX_OK) { 325be0ed8fbSPeter Maydell return CMD_STALL; 326be0ed8fbSPeter Maydell } 327d37cf49bSPeter Maydell if (!cte.valid) { 328be0ed8fbSPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 329d37cf49bSPeter Maydell "%s: invalid command attributes: invalid CTE\n", 330d37cf49bSPeter Maydell __func__); 331be0ed8fbSPeter Maydell return CMD_CONTINUE; 332be0ed8fbSPeter Maydell } 333be0ed8fbSPeter Maydell 334c694cb4cSShashi Mallela /* 335c694cb4cSShashi Mallela * Current implementation only supports rdbase == procnum 336c694cb4cSShashi Mallela * Hence rdbase physical address is ignored 337c694cb4cSShashi Mallela */ 338d37cf49bSPeter Maydell if (cte.rdbase >= s->gicv3->num_cpu) { 339593a7cc2SPeter Maydell return CMD_CONTINUE; 34017fb5e36SShashi Mallela } 34117fb5e36SShashi Mallela 34217fb5e36SShashi Mallela if ((cmd == CLEAR) || (cmd == DISCARD)) { 343*244194feSPeter Maydell gicv3_redist_process_lpi(&s->gicv3->cpu[cte.rdbase], ite.intid, 0); 34417fb5e36SShashi Mallela } else { 345*244194feSPeter Maydell gicv3_redist_process_lpi(&s->gicv3->cpu[cte.rdbase], ite.intid, 1); 34617fb5e36SShashi Mallela } 34717fb5e36SShashi Mallela 348c694cb4cSShashi Mallela if (cmd == DISCARD) { 349*244194feSPeter Maydell IteEntry itee = {}; 350c694cb4cSShashi Mallela /* remove mapping from interrupt translation table */ 351*244194feSPeter Maydell return update_ite(s, eventid, &dte, itee) ? CMD_CONTINUE : CMD_STALL; 352c694cb4cSShashi Mallela } 353593a7cc2SPeter Maydell return CMD_CONTINUE; 354c694cb4cSShashi Mallela } 355b6f96009SPeter Maydell static ItsCmdResult process_its_cmd(GICv3ITSState *s, const uint64_t *cmdpkt, 356b6f96009SPeter Maydell ItsCmdType cmd) 357c694cb4cSShashi Mallela { 358b6f96009SPeter Maydell uint32_t devid, eventid; 359b6f96009SPeter Maydell 360b6f96009SPeter Maydell devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT; 361b6f96009SPeter Maydell eventid = cmdpkt[1] & EVENTID_MASK; 362b6f96009SPeter Maydell return do_process_its_cmd(s, devid, eventid, cmd); 363b6f96009SPeter Maydell } 364b6f96009SPeter Maydell 365b6f96009SPeter Maydell static ItsCmdResult process_mapti(GICv3ITSState *s, const uint64_t *cmdpkt, 366b6f96009SPeter Maydell bool ignore_pInt) 367b6f96009SPeter Maydell { 368c694cb4cSShashi Mallela uint32_t devid, eventid; 369c694cb4cSShashi Mallela uint32_t pIntid = 0; 3708f809f69SPeter Maydell uint64_t num_eventids; 371905720f1SPeter Maydell uint32_t num_intids; 372c694cb4cSShashi Mallela uint16_t icid = 0; 3730241f731SPeter Maydell IteEntry ite = {}; 3744acf93e1SPeter Maydell DTEntry dte; 375c694cb4cSShashi Mallela 376b6f96009SPeter Maydell devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT; 377b6f96009SPeter Maydell eventid = cmdpkt[1] & EVENTID_MASK; 378c694cb4cSShashi Mallela 379b87fab1cSPeter Maydell if (ignore_pInt) { 380b87fab1cSPeter Maydell pIntid = eventid; 381b87fab1cSPeter Maydell } else { 382b6f96009SPeter Maydell pIntid = (cmdpkt[1] & pINTID_MASK) >> pINTID_SHIFT; 383c694cb4cSShashi Mallela } 384c694cb4cSShashi Mallela 385b6f96009SPeter Maydell icid = cmdpkt[2] & ICID_MASK; 386c694cb4cSShashi Mallela 3878b8bb014SPeter Maydell if (devid >= s->dt.num_entries) { 388b13148d9SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 389b13148d9SPeter Maydell "%s: invalid command attributes: devid %d>=%d", 3908b8bb014SPeter Maydell __func__, devid, s->dt.num_entries); 391b13148d9SPeter Maydell return CMD_CONTINUE; 392b13148d9SPeter Maydell } 393b13148d9SPeter Maydell 3944acf93e1SPeter Maydell if (get_dte(s, devid, &dte) != MEMTX_OK) { 3950241f731SPeter Maydell return CMD_STALL; 396c694cb4cSShashi Mallela } 3974acf93e1SPeter Maydell num_eventids = 1ULL << (dte.size + 1); 398905720f1SPeter Maydell num_intids = 1ULL << (GICD_TYPER_IDBITS + 1); 399c694cb4cSShashi Mallela 4008b8bb014SPeter Maydell if ((icid >= s->ct.num_entries) 4014acf93e1SPeter Maydell || !dte.valid || (eventid >= num_eventids) || 402905720f1SPeter Maydell (((pIntid < GICV3_LPI_INTID_START) || (pIntid >= num_intids)) && 403b87fab1cSPeter Maydell (pIntid != INTID_SPURIOUS))) { 404c694cb4cSShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 405c694cb4cSShashi Mallela "%s: invalid command attributes " 406b13148d9SPeter Maydell "icid %d or eventid %d or pIntid %d or" 407b13148d9SPeter Maydell "unmapped dte %d\n", __func__, icid, eventid, 4084acf93e1SPeter Maydell pIntid, dte.valid); 409c694cb4cSShashi Mallela /* 410c694cb4cSShashi Mallela * in this implementation, in case of error 411c694cb4cSShashi Mallela * we ignore this command and move onto the next 412c694cb4cSShashi Mallela * command in the queue 413c694cb4cSShashi Mallela */ 4140241f731SPeter Maydell return CMD_CONTINUE; 4150241f731SPeter Maydell } 4160241f731SPeter Maydell 417c694cb4cSShashi Mallela /* add ite entry to interrupt translation table */ 4184acf93e1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, VALID, true); 419764d6ba1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTTYPE, ITE_INTTYPE_PHYSICAL); 420764d6ba1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTID, pIntid); 421a1ce993dSPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, ICID, icid); 422a1ce993dSPeter Maydell ite.iteh = FIELD_DP32(ite.iteh, ITE_H, DOORBELL, INTID_SPURIOUS); 423c694cb4cSShashi Mallela 4244acf93e1SPeter Maydell return update_ite(s, eventid, &dte, ite) ? CMD_CONTINUE : CMD_STALL; 425c694cb4cSShashi Mallela } 426c694cb4cSShashi Mallela 42706985cc3SPeter Maydell /* 42806985cc3SPeter Maydell * Update the Collection Table entry for @icid to @cte. Returns true 42906985cc3SPeter Maydell * on success, false if there was a memory access error. 43006985cc3SPeter Maydell */ 43106985cc3SPeter Maydell static bool update_cte(GICv3ITSState *s, uint16_t icid, const CTEntry *cte) 4327eca39e0SShashi Mallela { 4337eca39e0SShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 434d050f80fSPeter Maydell uint64_t entry_addr; 43506985cc3SPeter Maydell uint64_t cteval = 0; 4367eca39e0SShashi Mallela MemTxResult res = MEMTX_OK; 4377eca39e0SShashi Mallela 4387eca39e0SShashi Mallela if (!s->ct.valid) { 4397eca39e0SShashi Mallela return true; 4407eca39e0SShashi Mallela } 4417eca39e0SShashi Mallela 44206985cc3SPeter Maydell if (cte->valid) { 4437eca39e0SShashi Mallela /* add mapping entry to collection table */ 44406985cc3SPeter Maydell cteval = FIELD_DP64(cteval, CTE, VALID, 1); 44506985cc3SPeter Maydell cteval = FIELD_DP64(cteval, CTE, RDBASE, cte->rdbase); 4467eca39e0SShashi Mallela } 4477eca39e0SShashi Mallela 448d050f80fSPeter Maydell entry_addr = table_entry_addr(s, &s->ct, icid, &res); 4497eca39e0SShashi Mallela if (res != MEMTX_OK) { 450d050f80fSPeter Maydell /* memory access error: stall */ 4517eca39e0SShashi Mallela return false; 4527eca39e0SShashi Mallela } 453d050f80fSPeter Maydell if (entry_addr == -1) { 454d050f80fSPeter Maydell /* No L2 table for this index: discard write and continue */ 4557eca39e0SShashi Mallela return true; 4567eca39e0SShashi Mallela } 457d050f80fSPeter Maydell 45806985cc3SPeter Maydell address_space_stq_le(as, entry_addr, cteval, MEMTXATTRS_UNSPECIFIED, &res); 459d050f80fSPeter Maydell return res == MEMTX_OK; 4607eca39e0SShashi Mallela } 4617eca39e0SShashi Mallela 462b6f96009SPeter Maydell static ItsCmdResult process_mapc(GICv3ITSState *s, const uint64_t *cmdpkt) 4637eca39e0SShashi Mallela { 4647eca39e0SShashi Mallela uint16_t icid; 46506985cc3SPeter Maydell CTEntry cte; 4667eca39e0SShashi Mallela 467b6f96009SPeter Maydell icid = cmdpkt[2] & ICID_MASK; 4687eca39e0SShashi Mallela 46906985cc3SPeter Maydell cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT; 47006985cc3SPeter Maydell cte.rdbase &= RDBASE_PROCNUM_MASK; 4717eca39e0SShashi Mallela 47206985cc3SPeter Maydell cte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK; 4737eca39e0SShashi Mallela 47406985cc3SPeter Maydell if ((icid >= s->ct.num_entries) || (cte.rdbase >= s->gicv3->num_cpu)) { 4757eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 4767eca39e0SShashi Mallela "ITS MAPC: invalid collection table attributes " 47706985cc3SPeter Maydell "icid %d rdbase %u\n", icid, cte.rdbase); 4787eca39e0SShashi Mallela /* 4797eca39e0SShashi Mallela * in this implementation, in case of error 4807eca39e0SShashi Mallela * we ignore this command and move onto the next 4817eca39e0SShashi Mallela * command in the queue 4827eca39e0SShashi Mallela */ 483f6675196SPeter Maydell return CMD_CONTINUE; 4847eca39e0SShashi Mallela } 4857eca39e0SShashi Mallela 48606985cc3SPeter Maydell return update_cte(s, icid, &cte) ? CMD_CONTINUE : CMD_STALL; 4877eca39e0SShashi Mallela } 4887eca39e0SShashi Mallela 48922d62b08SPeter Maydell /* 49022d62b08SPeter Maydell * Update the Device Table entry for @devid to @dte. Returns true 49122d62b08SPeter Maydell * on success, false if there was a memory access error. 49222d62b08SPeter Maydell */ 49322d62b08SPeter Maydell static bool update_dte(GICv3ITSState *s, uint32_t devid, const DTEntry *dte) 4947eca39e0SShashi Mallela { 4957eca39e0SShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 496d050f80fSPeter Maydell uint64_t entry_addr; 49722d62b08SPeter Maydell uint64_t dteval = 0; 4987eca39e0SShashi Mallela MemTxResult res = MEMTX_OK; 4997eca39e0SShashi Mallela 5007eca39e0SShashi Mallela if (s->dt.valid) { 50122d62b08SPeter Maydell if (dte->valid) { 5027eca39e0SShashi Mallela /* add mapping entry to device table */ 50322d62b08SPeter Maydell dteval = FIELD_DP64(dteval, DTE, VALID, 1); 50422d62b08SPeter Maydell dteval = FIELD_DP64(dteval, DTE, SIZE, dte->size); 50522d62b08SPeter Maydell dteval = FIELD_DP64(dteval, DTE, ITTADDR, dte->ittaddr); 5067eca39e0SShashi Mallela } 5077eca39e0SShashi Mallela } else { 5087eca39e0SShashi Mallela return true; 5097eca39e0SShashi Mallela } 5107eca39e0SShashi Mallela 511d050f80fSPeter Maydell entry_addr = table_entry_addr(s, &s->dt, devid, &res); 5127eca39e0SShashi Mallela if (res != MEMTX_OK) { 513d050f80fSPeter Maydell /* memory access error: stall */ 5147eca39e0SShashi Mallela return false; 5157eca39e0SShashi Mallela } 516d050f80fSPeter Maydell if (entry_addr == -1) { 517d050f80fSPeter Maydell /* No L2 table for this index: discard write and continue */ 5187eca39e0SShashi Mallela return true; 5197eca39e0SShashi Mallela } 52022d62b08SPeter Maydell address_space_stq_le(as, entry_addr, dteval, MEMTXATTRS_UNSPECIFIED, &res); 521d050f80fSPeter Maydell return res == MEMTX_OK; 5227eca39e0SShashi Mallela } 5237eca39e0SShashi Mallela 524b6f96009SPeter Maydell static ItsCmdResult process_mapd(GICv3ITSState *s, const uint64_t *cmdpkt) 5257eca39e0SShashi Mallela { 5267eca39e0SShashi Mallela uint32_t devid; 52722d62b08SPeter Maydell DTEntry dte; 5287eca39e0SShashi Mallela 529b6f96009SPeter Maydell devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT; 53022d62b08SPeter Maydell dte.size = cmdpkt[1] & SIZE_MASK; 53122d62b08SPeter Maydell dte.ittaddr = (cmdpkt[2] & ITTADDR_MASK) >> ITTADDR_SHIFT; 53222d62b08SPeter Maydell dte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK; 5337eca39e0SShashi Mallela 5348b8bb014SPeter Maydell if ((devid >= s->dt.num_entries) || 53522d62b08SPeter Maydell (dte.size > FIELD_EX64(s->typer, GITS_TYPER, IDBITS))) { 5367eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 5377eca39e0SShashi Mallela "ITS MAPD: invalid device table attributes " 53822d62b08SPeter Maydell "devid %d or size %d\n", devid, dte.size); 5397eca39e0SShashi Mallela /* 5407eca39e0SShashi Mallela * in this implementation, in case of error 5417eca39e0SShashi Mallela * we ignore this command and move onto the next 5427eca39e0SShashi Mallela * command in the queue 5437eca39e0SShashi Mallela */ 54400d46e72SPeter Maydell return CMD_CONTINUE; 5457eca39e0SShashi Mallela } 5467eca39e0SShashi Mallela 54722d62b08SPeter Maydell return update_dte(s, devid, &dte) ? CMD_CONTINUE : CMD_STALL; 5487eca39e0SShashi Mallela } 5497eca39e0SShashi Mallela 550b6f96009SPeter Maydell static ItsCmdResult process_movall(GICv3ITSState *s, const uint64_t *cmdpkt) 551f6d1d9b4SPeter Maydell { 552f6d1d9b4SPeter Maydell uint64_t rd1, rd2; 553f6d1d9b4SPeter Maydell 554b6f96009SPeter Maydell rd1 = FIELD_EX64(cmdpkt[2], MOVALL_2, RDBASE1); 555b6f96009SPeter Maydell rd2 = FIELD_EX64(cmdpkt[3], MOVALL_3, RDBASE2); 556f6d1d9b4SPeter Maydell 557f6d1d9b4SPeter Maydell if (rd1 >= s->gicv3->num_cpu) { 558f6d1d9b4SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 559f6d1d9b4SPeter Maydell "%s: RDBASE1 %" PRId64 560f6d1d9b4SPeter Maydell " out of range (must be less than %d)\n", 561f6d1d9b4SPeter Maydell __func__, rd1, s->gicv3->num_cpu); 562f6d1d9b4SPeter Maydell return CMD_CONTINUE; 563f6d1d9b4SPeter Maydell } 564f6d1d9b4SPeter Maydell if (rd2 >= s->gicv3->num_cpu) { 565f6d1d9b4SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 566f6d1d9b4SPeter Maydell "%s: RDBASE2 %" PRId64 567f6d1d9b4SPeter Maydell " out of range (must be less than %d)\n", 568f6d1d9b4SPeter Maydell __func__, rd2, s->gicv3->num_cpu); 569f6d1d9b4SPeter Maydell return CMD_CONTINUE; 570f6d1d9b4SPeter Maydell } 571f6d1d9b4SPeter Maydell 572f6d1d9b4SPeter Maydell if (rd1 == rd2) { 573f6d1d9b4SPeter Maydell /* Move to same target must succeed as a no-op */ 574f6d1d9b4SPeter Maydell return CMD_CONTINUE; 575f6d1d9b4SPeter Maydell } 576f6d1d9b4SPeter Maydell 577f6d1d9b4SPeter Maydell /* Move all pending LPIs from redistributor 1 to redistributor 2 */ 578f6d1d9b4SPeter Maydell gicv3_redist_movall_lpis(&s->gicv3->cpu[rd1], &s->gicv3->cpu[rd2]); 579f6d1d9b4SPeter Maydell 580f6d1d9b4SPeter Maydell return CMD_CONTINUE; 581f6d1d9b4SPeter Maydell } 582f6d1d9b4SPeter Maydell 583b6f96009SPeter Maydell static ItsCmdResult process_movi(GICv3ITSState *s, const uint64_t *cmdpkt) 584961b4912SPeter Maydell { 585*244194feSPeter Maydell uint32_t devid, eventid; 586*244194feSPeter Maydell uint16_t new_icid; 587961b4912SPeter Maydell uint64_t num_eventids; 588961b4912SPeter Maydell IteEntry ite = {}; 5894acf93e1SPeter Maydell DTEntry dte; 590d37cf49bSPeter Maydell CTEntry old_cte, new_cte; 591*244194feSPeter Maydell ITEntry old_ite; 592961b4912SPeter Maydell 593b6f96009SPeter Maydell devid = FIELD_EX64(cmdpkt[0], MOVI_0, DEVICEID); 594b6f96009SPeter Maydell eventid = FIELD_EX64(cmdpkt[1], MOVI_1, EVENTID); 595b6f96009SPeter Maydell new_icid = FIELD_EX64(cmdpkt[2], MOVI_2, ICID); 596961b4912SPeter Maydell 597961b4912SPeter Maydell if (devid >= s->dt.num_entries) { 598961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 599961b4912SPeter Maydell "%s: invalid command attributes: devid %d>=%d", 600961b4912SPeter Maydell __func__, devid, s->dt.num_entries); 601961b4912SPeter Maydell return CMD_CONTINUE; 602961b4912SPeter Maydell } 6034acf93e1SPeter Maydell if (get_dte(s, devid, &dte) != MEMTX_OK) { 604961b4912SPeter Maydell return CMD_STALL; 605961b4912SPeter Maydell } 606961b4912SPeter Maydell 6074acf93e1SPeter Maydell if (!dte.valid) { 608961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 609961b4912SPeter Maydell "%s: invalid command attributes: " 6104acf93e1SPeter Maydell "invalid dte for %d\n", __func__, devid); 611961b4912SPeter Maydell return CMD_CONTINUE; 612961b4912SPeter Maydell } 613961b4912SPeter Maydell 6144acf93e1SPeter Maydell num_eventids = 1ULL << (dte.size + 1); 615961b4912SPeter Maydell if (eventid >= num_eventids) { 616961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 617961b4912SPeter Maydell "%s: invalid command attributes: eventid %d >= %" 618961b4912SPeter Maydell PRId64 "\n", 619961b4912SPeter Maydell __func__, eventid, num_eventids); 620961b4912SPeter Maydell return CMD_CONTINUE; 621961b4912SPeter Maydell } 622961b4912SPeter Maydell 623*244194feSPeter Maydell if (get_ite(s, eventid, &dte, &old_ite) != MEMTX_OK) { 624961b4912SPeter Maydell return CMD_STALL; 625961b4912SPeter Maydell } 626961b4912SPeter Maydell 627*244194feSPeter Maydell if (!old_ite.valid || old_ite.inttype != ITE_INTTYPE_PHYSICAL) { 628961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 629961b4912SPeter Maydell "%s: invalid command attributes: invalid ITE\n", 630961b4912SPeter Maydell __func__); 631961b4912SPeter Maydell return CMD_CONTINUE; 632961b4912SPeter Maydell } 633961b4912SPeter Maydell 634*244194feSPeter Maydell if (old_ite.icid >= s->ct.num_entries) { 635961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 636961b4912SPeter Maydell "%s: invalid ICID 0x%x in ITE (table corrupted?)\n", 637*244194feSPeter Maydell __func__, old_ite.icid); 638961b4912SPeter Maydell return CMD_CONTINUE; 639961b4912SPeter Maydell } 640961b4912SPeter Maydell 641961b4912SPeter Maydell if (new_icid >= s->ct.num_entries) { 642961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 643961b4912SPeter Maydell "%s: invalid command attributes: ICID 0x%x\n", 644961b4912SPeter Maydell __func__, new_icid); 645961b4912SPeter Maydell return CMD_CONTINUE; 646961b4912SPeter Maydell } 647961b4912SPeter Maydell 648*244194feSPeter Maydell if (get_cte(s, old_ite.icid, &old_cte) != MEMTX_OK) { 649961b4912SPeter Maydell return CMD_STALL; 650961b4912SPeter Maydell } 651d37cf49bSPeter Maydell if (!old_cte.valid) { 652961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 653961b4912SPeter Maydell "%s: invalid command attributes: " 654d37cf49bSPeter Maydell "invalid CTE for old ICID 0x%x\n", 655*244194feSPeter Maydell __func__, old_ite.icid); 656961b4912SPeter Maydell return CMD_CONTINUE; 657961b4912SPeter Maydell } 658961b4912SPeter Maydell 659d37cf49bSPeter Maydell if (get_cte(s, new_icid, &new_cte) != MEMTX_OK) { 660961b4912SPeter Maydell return CMD_STALL; 661961b4912SPeter Maydell } 662d37cf49bSPeter Maydell if (!new_cte.valid) { 663961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 664961b4912SPeter Maydell "%s: invalid command attributes: " 665d37cf49bSPeter Maydell "invalid CTE for new ICID 0x%x\n", 666d37cf49bSPeter Maydell __func__, new_icid); 667961b4912SPeter Maydell return CMD_CONTINUE; 668961b4912SPeter Maydell } 669961b4912SPeter Maydell 670d37cf49bSPeter Maydell if (old_cte.rdbase >= s->gicv3->num_cpu) { 671961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 672d37cf49bSPeter Maydell "%s: CTE has invalid rdbase 0x%x\n", 673d37cf49bSPeter Maydell __func__, old_cte.rdbase); 674961b4912SPeter Maydell return CMD_CONTINUE; 675961b4912SPeter Maydell } 676961b4912SPeter Maydell 677d37cf49bSPeter Maydell if (new_cte.rdbase >= s->gicv3->num_cpu) { 678961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 679d37cf49bSPeter Maydell "%s: CTE has invalid rdbase 0x%x\n", 680d37cf49bSPeter Maydell __func__, new_cte.rdbase); 681961b4912SPeter Maydell return CMD_CONTINUE; 682961b4912SPeter Maydell } 683961b4912SPeter Maydell 684d37cf49bSPeter Maydell if (old_cte.rdbase != new_cte.rdbase) { 685961b4912SPeter Maydell /* Move the LPI from the old redistributor to the new one */ 686d37cf49bSPeter Maydell gicv3_redist_mov_lpi(&s->gicv3->cpu[old_cte.rdbase], 687d37cf49bSPeter Maydell &s->gicv3->cpu[new_cte.rdbase], 688*244194feSPeter Maydell old_ite.intid); 689961b4912SPeter Maydell } 690961b4912SPeter Maydell 691961b4912SPeter Maydell /* Update the ICID field in the interrupt translation table entry */ 692961b4912SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, VALID, 1); 693961b4912SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTTYPE, ITE_INTTYPE_PHYSICAL); 694*244194feSPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTID, old_ite.intid); 695a1ce993dSPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, ICID, new_icid); 696a1ce993dSPeter Maydell ite.iteh = FIELD_DP32(ite.iteh, ITE_H, DOORBELL, INTID_SPURIOUS); 6974acf93e1SPeter Maydell return update_ite(s, eventid, &dte, ite) ? CMD_CONTINUE : CMD_STALL; 698961b4912SPeter Maydell } 699961b4912SPeter Maydell 7007eca39e0SShashi Mallela /* 7017eca39e0SShashi Mallela * Current implementation blocks until all 7027eca39e0SShashi Mallela * commands are processed 7037eca39e0SShashi Mallela */ 7047eca39e0SShashi Mallela static void process_cmdq(GICv3ITSState *s) 7057eca39e0SShashi Mallela { 7067eca39e0SShashi Mallela uint32_t wr_offset = 0; 7077eca39e0SShashi Mallela uint32_t rd_offset = 0; 7087eca39e0SShashi Mallela uint32_t cq_offset = 0; 7097eca39e0SShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 7107eca39e0SShashi Mallela uint8_t cmd; 71117fb5e36SShashi Mallela int i; 7127eca39e0SShashi Mallela 7138d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 7147eca39e0SShashi Mallela return; 7157eca39e0SShashi Mallela } 7167eca39e0SShashi Mallela 7177eca39e0SShashi Mallela wr_offset = FIELD_EX64(s->cwriter, GITS_CWRITER, OFFSET); 7187eca39e0SShashi Mallela 71980dcd37fSPeter Maydell if (wr_offset >= s->cq.num_entries) { 7207eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 7217eca39e0SShashi Mallela "%s: invalid write offset " 7227eca39e0SShashi Mallela "%d\n", __func__, wr_offset); 7237eca39e0SShashi Mallela return; 7247eca39e0SShashi Mallela } 7257eca39e0SShashi Mallela 7267eca39e0SShashi Mallela rd_offset = FIELD_EX64(s->creadr, GITS_CREADR, OFFSET); 7277eca39e0SShashi Mallela 72880dcd37fSPeter Maydell if (rd_offset >= s->cq.num_entries) { 7297eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 7307eca39e0SShashi Mallela "%s: invalid read offset " 7317eca39e0SShashi Mallela "%d\n", __func__, rd_offset); 7327eca39e0SShashi Mallela return; 7337eca39e0SShashi Mallela } 7347eca39e0SShashi Mallela 7357eca39e0SShashi Mallela while (wr_offset != rd_offset) { 736ef011555SPeter Maydell ItsCmdResult result = CMD_CONTINUE; 737b6f96009SPeter Maydell void *hostmem; 738b6f96009SPeter Maydell hwaddr buflen; 739b6f96009SPeter Maydell uint64_t cmdpkt[GITS_CMDQ_ENTRY_WORDS]; 740ef011555SPeter Maydell 7417eca39e0SShashi Mallela cq_offset = (rd_offset * GITS_CMDQ_ENTRY_SIZE); 742b6f96009SPeter Maydell 743b6f96009SPeter Maydell buflen = GITS_CMDQ_ENTRY_SIZE; 744b6f96009SPeter Maydell hostmem = address_space_map(as, s->cq.base_addr + cq_offset, 745b6f96009SPeter Maydell &buflen, false, MEMTXATTRS_UNSPECIFIED); 746b6f96009SPeter Maydell if (!hostmem || buflen != GITS_CMDQ_ENTRY_SIZE) { 747b6f96009SPeter Maydell if (hostmem) { 748b6f96009SPeter Maydell address_space_unmap(as, hostmem, buflen, false, 0); 749b6f96009SPeter Maydell } 750f0b4b2a2SPeter Maydell s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, STALLED, 1); 751f0b4b2a2SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 752f0b4b2a2SPeter Maydell "%s: could not read command at 0x%" PRIx64 "\n", 753f0b4b2a2SPeter Maydell __func__, s->cq.base_addr + cq_offset); 754f0b4b2a2SPeter Maydell break; 7557eca39e0SShashi Mallela } 756b6f96009SPeter Maydell for (i = 0; i < ARRAY_SIZE(cmdpkt); i++) { 757b6f96009SPeter Maydell cmdpkt[i] = ldq_le_p(hostmem + i * sizeof(uint64_t)); 758b6f96009SPeter Maydell } 759b6f96009SPeter Maydell address_space_unmap(as, hostmem, buflen, false, 0); 760f0b4b2a2SPeter Maydell 761b6f96009SPeter Maydell cmd = cmdpkt[0] & CMD_MASK; 7627eca39e0SShashi Mallela 763195209d3SPeter Maydell trace_gicv3_its_process_command(rd_offset, cmd); 764195209d3SPeter Maydell 7657eca39e0SShashi Mallela switch (cmd) { 7667eca39e0SShashi Mallela case GITS_CMD_INT: 767b6f96009SPeter Maydell result = process_its_cmd(s, cmdpkt, INTERRUPT); 7687eca39e0SShashi Mallela break; 7697eca39e0SShashi Mallela case GITS_CMD_CLEAR: 770b6f96009SPeter Maydell result = process_its_cmd(s, cmdpkt, CLEAR); 7717eca39e0SShashi Mallela break; 7727eca39e0SShashi Mallela case GITS_CMD_SYNC: 7737eca39e0SShashi Mallela /* 7747eca39e0SShashi Mallela * Current implementation makes a blocking synchronous call 7757eca39e0SShashi Mallela * for every command issued earlier, hence the internal state 7767eca39e0SShashi Mallela * is already consistent by the time SYNC command is executed. 7777eca39e0SShashi Mallela * Hence no further processing is required for SYNC command. 7787eca39e0SShashi Mallela */ 7797eca39e0SShashi Mallela break; 7807eca39e0SShashi Mallela case GITS_CMD_MAPD: 781b6f96009SPeter Maydell result = process_mapd(s, cmdpkt); 7827eca39e0SShashi Mallela break; 7837eca39e0SShashi Mallela case GITS_CMD_MAPC: 784b6f96009SPeter Maydell result = process_mapc(s, cmdpkt); 7857eca39e0SShashi Mallela break; 7867eca39e0SShashi Mallela case GITS_CMD_MAPTI: 787b6f96009SPeter Maydell result = process_mapti(s, cmdpkt, false); 7887eca39e0SShashi Mallela break; 7897eca39e0SShashi Mallela case GITS_CMD_MAPI: 790b6f96009SPeter Maydell result = process_mapti(s, cmdpkt, true); 7917eca39e0SShashi Mallela break; 7927eca39e0SShashi Mallela case GITS_CMD_DISCARD: 793b6f96009SPeter Maydell result = process_its_cmd(s, cmdpkt, DISCARD); 7947eca39e0SShashi Mallela break; 7957eca39e0SShashi Mallela case GITS_CMD_INV: 7967eca39e0SShashi Mallela case GITS_CMD_INVALL: 79717fb5e36SShashi Mallela /* 79817fb5e36SShashi Mallela * Current implementation doesn't cache any ITS tables, 79917fb5e36SShashi Mallela * but the calculated lpi priority information. We only 80017fb5e36SShashi Mallela * need to trigger lpi priority re-calculation to be in 80117fb5e36SShashi Mallela * sync with LPI config table or pending table changes. 80217fb5e36SShashi Mallela */ 80317fb5e36SShashi Mallela for (i = 0; i < s->gicv3->num_cpu; i++) { 80417fb5e36SShashi Mallela gicv3_redist_update_lpi(&s->gicv3->cpu[i]); 80517fb5e36SShashi Mallela } 8067eca39e0SShashi Mallela break; 807961b4912SPeter Maydell case GITS_CMD_MOVI: 808b6f96009SPeter Maydell result = process_movi(s, cmdpkt); 809961b4912SPeter Maydell break; 810f6d1d9b4SPeter Maydell case GITS_CMD_MOVALL: 811b6f96009SPeter Maydell result = process_movall(s, cmdpkt); 812f6d1d9b4SPeter Maydell break; 8137eca39e0SShashi Mallela default: 8147eca39e0SShashi Mallela break; 8157eca39e0SShashi Mallela } 816ef011555SPeter Maydell if (result == CMD_CONTINUE) { 8177eca39e0SShashi Mallela rd_offset++; 81880dcd37fSPeter Maydell rd_offset %= s->cq.num_entries; 8197eca39e0SShashi Mallela s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, OFFSET, rd_offset); 8207eca39e0SShashi Mallela } else { 821ef011555SPeter Maydell /* CMD_STALL */ 8227eca39e0SShashi Mallela s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, STALLED, 1); 8237eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 824ef011555SPeter Maydell "%s: 0x%x cmd processing failed, stalling\n", 825ef011555SPeter Maydell __func__, cmd); 8267eca39e0SShashi Mallela break; 8277eca39e0SShashi Mallela } 8287eca39e0SShashi Mallela } 8297eca39e0SShashi Mallela } 8307eca39e0SShashi Mallela 8311b08e436SShashi Mallela /* 8321b08e436SShashi Mallela * This function extracts the ITS Device and Collection table specific 8331b08e436SShashi Mallela * parameters (like base_addr, size etc) from GITS_BASER register. 8341b08e436SShashi Mallela * It is called during ITS enable and also during post_load migration 8351b08e436SShashi Mallela */ 8361b08e436SShashi Mallela static void extract_table_params(GICv3ITSState *s) 8371b08e436SShashi Mallela { 8381b08e436SShashi Mallela uint16_t num_pages = 0; 8391b08e436SShashi Mallela uint8_t page_sz_type; 8401b08e436SShashi Mallela uint8_t type; 8411b08e436SShashi Mallela uint32_t page_sz = 0; 8421b08e436SShashi Mallela uint64_t value; 8431b08e436SShashi Mallela 8441b08e436SShashi Mallela for (int i = 0; i < 8; i++) { 845e5487a41SPeter Maydell TableDesc *td; 846e5487a41SPeter Maydell int idbits; 847e5487a41SPeter Maydell 8481b08e436SShashi Mallela value = s->baser[i]; 8491b08e436SShashi Mallela 8501b08e436SShashi Mallela if (!value) { 8511b08e436SShashi Mallela continue; 8521b08e436SShashi Mallela } 8531b08e436SShashi Mallela 8541b08e436SShashi Mallela page_sz_type = FIELD_EX64(value, GITS_BASER, PAGESIZE); 8551b08e436SShashi Mallela 8561b08e436SShashi Mallela switch (page_sz_type) { 8571b08e436SShashi Mallela case 0: 8581b08e436SShashi Mallela page_sz = GITS_PAGE_SIZE_4K; 8591b08e436SShashi Mallela break; 8601b08e436SShashi Mallela 8611b08e436SShashi Mallela case 1: 8621b08e436SShashi Mallela page_sz = GITS_PAGE_SIZE_16K; 8631b08e436SShashi Mallela break; 8641b08e436SShashi Mallela 8651b08e436SShashi Mallela case 2: 8661b08e436SShashi Mallela case 3: 8671b08e436SShashi Mallela page_sz = GITS_PAGE_SIZE_64K; 8681b08e436SShashi Mallela break; 8691b08e436SShashi Mallela 8701b08e436SShashi Mallela default: 8711b08e436SShashi Mallela g_assert_not_reached(); 8721b08e436SShashi Mallela } 8731b08e436SShashi Mallela 8741b08e436SShashi Mallela num_pages = FIELD_EX64(value, GITS_BASER, SIZE) + 1; 8751b08e436SShashi Mallela 8761b08e436SShashi Mallela type = FIELD_EX64(value, GITS_BASER, TYPE); 8771b08e436SShashi Mallela 8781b08e436SShashi Mallela switch (type) { 8791b08e436SShashi Mallela case GITS_BASER_TYPE_DEVICE: 880e5487a41SPeter Maydell td = &s->dt; 881e5487a41SPeter Maydell idbits = FIELD_EX64(s->typer, GITS_TYPER, DEVBITS) + 1; 88262df780eSPeter Maydell break; 8831b08e436SShashi Mallela case GITS_BASER_TYPE_COLLECTION: 884e5487a41SPeter Maydell td = &s->ct; 8851b08e436SShashi Mallela if (FIELD_EX64(s->typer, GITS_TYPER, CIL)) { 886e5487a41SPeter Maydell idbits = FIELD_EX64(s->typer, GITS_TYPER, CIDBITS) + 1; 8871b08e436SShashi Mallela } else { 8881b08e436SShashi Mallela /* 16-bit CollectionId supported when CIL == 0 */ 889e5487a41SPeter Maydell idbits = 16; 8901b08e436SShashi Mallela } 8911b08e436SShashi Mallela break; 8921b08e436SShashi Mallela default: 893e5487a41SPeter Maydell /* 894e5487a41SPeter Maydell * GITS_BASER<n>.TYPE is read-only, so GITS_BASER_RO_MASK 895e5487a41SPeter Maydell * ensures we will only see type values corresponding to 896e5487a41SPeter Maydell * the values set up in gicv3_its_reset(). 897e5487a41SPeter Maydell */ 898e5487a41SPeter Maydell g_assert_not_reached(); 8991b08e436SShashi Mallela } 900e5487a41SPeter Maydell 901e5487a41SPeter Maydell memset(td, 0, sizeof(*td)); 902e5487a41SPeter Maydell td->valid = FIELD_EX64(value, GITS_BASER, VALID); 903e5487a41SPeter Maydell /* 904e5487a41SPeter Maydell * If GITS_BASER<n>.Valid is 0 for any <n> then we will not process 905e5487a41SPeter Maydell * interrupts. (GITS_TYPER.HCC is 0 for this implementation, so we 906e5487a41SPeter Maydell * do not have a special case where the GITS_BASER<n>.Valid bit is 0 907e5487a41SPeter Maydell * for the register corresponding to the Collection table but we 908e5487a41SPeter Maydell * still have to process interrupts using non-memory-backed 909e5487a41SPeter Maydell * Collection table entries.) 910e5487a41SPeter Maydell */ 911e5487a41SPeter Maydell if (!td->valid) { 912e5487a41SPeter Maydell continue; 913e5487a41SPeter Maydell } 914e5487a41SPeter Maydell td->page_sz = page_sz; 915e5487a41SPeter Maydell td->indirect = FIELD_EX64(value, GITS_BASER, INDIRECT); 9169ae85431SPeter Maydell td->entry_sz = FIELD_EX64(value, GITS_BASER, ENTRYSIZE) + 1; 917e5487a41SPeter Maydell td->base_addr = baser_base_addr(value, page_sz); 918e5487a41SPeter Maydell if (!td->indirect) { 91980dcd37fSPeter Maydell td->num_entries = (num_pages * page_sz) / td->entry_sz; 920e5487a41SPeter Maydell } else { 92180dcd37fSPeter Maydell td->num_entries = (((num_pages * page_sz) / 922e5487a41SPeter Maydell L1TABLE_ENTRY_SIZE) * 923e5487a41SPeter Maydell (page_sz / td->entry_sz)); 924e5487a41SPeter Maydell } 9258b8bb014SPeter Maydell td->num_entries = MIN(td->num_entries, 1ULL << idbits); 9261b08e436SShashi Mallela } 9271b08e436SShashi Mallela } 9281b08e436SShashi Mallela 9291b08e436SShashi Mallela static void extract_cmdq_params(GICv3ITSState *s) 9301b08e436SShashi Mallela { 9311b08e436SShashi Mallela uint16_t num_pages = 0; 9321b08e436SShashi Mallela uint64_t value = s->cbaser; 9331b08e436SShashi Mallela 9341b08e436SShashi Mallela num_pages = FIELD_EX64(value, GITS_CBASER, SIZE) + 1; 9351b08e436SShashi Mallela 9361b08e436SShashi Mallela memset(&s->cq, 0 , sizeof(s->cq)); 9371b08e436SShashi Mallela s->cq.valid = FIELD_EX64(value, GITS_CBASER, VALID); 9381b08e436SShashi Mallela 9391b08e436SShashi Mallela if (s->cq.valid) { 94080dcd37fSPeter Maydell s->cq.num_entries = (num_pages * GITS_PAGE_SIZE_4K) / 9411b08e436SShashi Mallela GITS_CMDQ_ENTRY_SIZE; 9421b08e436SShashi Mallela s->cq.base_addr = FIELD_EX64(value, GITS_CBASER, PHYADDR); 9431b08e436SShashi Mallela s->cq.base_addr <<= R_GITS_CBASER_PHYADDR_SHIFT; 9441b08e436SShashi Mallela } 9451b08e436SShashi Mallela } 9461b08e436SShashi Mallela 9477e062b98SPeter Maydell static MemTxResult gicv3_its_translation_read(void *opaque, hwaddr offset, 9487e062b98SPeter Maydell uint64_t *data, unsigned size, 9497e062b98SPeter Maydell MemTxAttrs attrs) 9507e062b98SPeter Maydell { 9517e062b98SPeter Maydell /* 9527e062b98SPeter Maydell * GITS_TRANSLATER is write-only, and all other addresses 9537e062b98SPeter Maydell * in the interrupt translation space frame are RES0. 9547e062b98SPeter Maydell */ 9557e062b98SPeter Maydell *data = 0; 9567e062b98SPeter Maydell return MEMTX_OK; 9577e062b98SPeter Maydell } 9587e062b98SPeter Maydell 95918f6290aSShashi Mallela static MemTxResult gicv3_its_translation_write(void *opaque, hwaddr offset, 96018f6290aSShashi Mallela uint64_t data, unsigned size, 96118f6290aSShashi Mallela MemTxAttrs attrs) 96218f6290aSShashi Mallela { 963c694cb4cSShashi Mallela GICv3ITSState *s = (GICv3ITSState *)opaque; 964c694cb4cSShashi Mallela bool result = true; 965c694cb4cSShashi Mallela 966195209d3SPeter Maydell trace_gicv3_its_translation_write(offset, data, size, attrs.requester_id); 967195209d3SPeter Maydell 968c694cb4cSShashi Mallela switch (offset) { 969c694cb4cSShashi Mallela case GITS_TRANSLATER: 9708d2d6dd9SPeter Maydell if (s->ctlr & R_GITS_CTLR_ENABLED_MASK) { 971b6f96009SPeter Maydell result = do_process_its_cmd(s, attrs.requester_id, data, NONE); 972c694cb4cSShashi Mallela } 973c694cb4cSShashi Mallela break; 974c694cb4cSShashi Mallela default: 975c694cb4cSShashi Mallela break; 976c694cb4cSShashi Mallela } 977c694cb4cSShashi Mallela 978c694cb4cSShashi Mallela if (result) { 97918f6290aSShashi Mallela return MEMTX_OK; 980c694cb4cSShashi Mallela } else { 981c694cb4cSShashi Mallela return MEMTX_ERROR; 982c694cb4cSShashi Mallela } 98318f6290aSShashi Mallela } 98418f6290aSShashi Mallela 98518f6290aSShashi Mallela static bool its_writel(GICv3ITSState *s, hwaddr offset, 98618f6290aSShashi Mallela uint64_t value, MemTxAttrs attrs) 98718f6290aSShashi Mallela { 98818f6290aSShashi Mallela bool result = true; 9891b08e436SShashi Mallela int index; 99018f6290aSShashi Mallela 9911b08e436SShashi Mallela switch (offset) { 9921b08e436SShashi Mallela case GITS_CTLR: 9932f459cd1SShashi Mallela if (value & R_GITS_CTLR_ENABLED_MASK) { 9948d2d6dd9SPeter Maydell s->ctlr |= R_GITS_CTLR_ENABLED_MASK; 9951b08e436SShashi Mallela extract_table_params(s); 9961b08e436SShashi Mallela extract_cmdq_params(s); 9977eca39e0SShashi Mallela process_cmdq(s); 9982f459cd1SShashi Mallela } else { 9998d2d6dd9SPeter Maydell s->ctlr &= ~R_GITS_CTLR_ENABLED_MASK; 10001b08e436SShashi Mallela } 10011b08e436SShashi Mallela break; 10021b08e436SShashi Mallela case GITS_CBASER: 10031b08e436SShashi Mallela /* 10041b08e436SShashi Mallela * IMPDEF choice:- GITS_CBASER register becomes RO if ITS is 10051b08e436SShashi Mallela * already enabled 10061b08e436SShashi Mallela */ 10078d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 10081b08e436SShashi Mallela s->cbaser = deposit64(s->cbaser, 0, 32, value); 10091b08e436SShashi Mallela s->creadr = 0; 10101b08e436SShashi Mallela } 10111b08e436SShashi Mallela break; 10121b08e436SShashi Mallela case GITS_CBASER + 4: 10131b08e436SShashi Mallela /* 10141b08e436SShashi Mallela * IMPDEF choice:- GITS_CBASER register becomes RO if ITS is 10151b08e436SShashi Mallela * already enabled 10161b08e436SShashi Mallela */ 10178d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 10181b08e436SShashi Mallela s->cbaser = deposit64(s->cbaser, 32, 32, value); 10191b08e436SShashi Mallela s->creadr = 0; 10201b08e436SShashi Mallela } 10211b08e436SShashi Mallela break; 10221b08e436SShashi Mallela case GITS_CWRITER: 10231b08e436SShashi Mallela s->cwriter = deposit64(s->cwriter, 0, 32, 10241b08e436SShashi Mallela (value & ~R_GITS_CWRITER_RETRY_MASK)); 10257eca39e0SShashi Mallela if (s->cwriter != s->creadr) { 10267eca39e0SShashi Mallela process_cmdq(s); 10277eca39e0SShashi Mallela } 10281b08e436SShashi Mallela break; 10291b08e436SShashi Mallela case GITS_CWRITER + 4: 10301b08e436SShashi Mallela s->cwriter = deposit64(s->cwriter, 32, 32, value); 10311b08e436SShashi Mallela break; 10321b08e436SShashi Mallela case GITS_CREADR: 10331b08e436SShashi Mallela if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) { 10341b08e436SShashi Mallela s->creadr = deposit64(s->creadr, 0, 32, 10351b08e436SShashi Mallela (value & ~R_GITS_CREADR_STALLED_MASK)); 10361b08e436SShashi Mallela } else { 10371b08e436SShashi Mallela /* RO register, ignore the write */ 10381b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 10391b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 10401b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 10411b08e436SShashi Mallela } 10421b08e436SShashi Mallela break; 10431b08e436SShashi Mallela case GITS_CREADR + 4: 10441b08e436SShashi Mallela if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) { 10451b08e436SShashi Mallela s->creadr = deposit64(s->creadr, 32, 32, value); 10461b08e436SShashi Mallela } else { 10471b08e436SShashi Mallela /* RO register, ignore the write */ 10481b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 10491b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 10501b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 10511b08e436SShashi Mallela } 10521b08e436SShashi Mallela break; 10531b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 10541b08e436SShashi Mallela /* 10551b08e436SShashi Mallela * IMPDEF choice:- GITS_BASERn register becomes RO if ITS is 10561b08e436SShashi Mallela * already enabled 10571b08e436SShashi Mallela */ 10588d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 10591b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 10601b08e436SShashi Mallela 10610ffe88e6SPeter Maydell if (s->baser[index] == 0) { 10620ffe88e6SPeter Maydell /* Unimplemented GITS_BASERn: RAZ/WI */ 10630ffe88e6SPeter Maydell break; 10640ffe88e6SPeter Maydell } 10651b08e436SShashi Mallela if (offset & 7) { 10661b08e436SShashi Mallela value <<= 32; 10671b08e436SShashi Mallela value &= ~GITS_BASER_RO_MASK; 10681b08e436SShashi Mallela s->baser[index] &= GITS_BASER_RO_MASK | MAKE_64BIT_MASK(0, 32); 10691b08e436SShashi Mallela s->baser[index] |= value; 10701b08e436SShashi Mallela } else { 10711b08e436SShashi Mallela value &= ~GITS_BASER_RO_MASK; 10721b08e436SShashi Mallela s->baser[index] &= GITS_BASER_RO_MASK | MAKE_64BIT_MASK(32, 32); 10731b08e436SShashi Mallela s->baser[index] |= value; 10741b08e436SShashi Mallela } 10751b08e436SShashi Mallela } 10761b08e436SShashi Mallela break; 10771b08e436SShashi Mallela case GITS_IIDR: 10781b08e436SShashi Mallela case GITS_IDREGS ... GITS_IDREGS + 0x2f: 10791b08e436SShashi Mallela /* RO registers, ignore the write */ 10801b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 10811b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 10821b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 10831b08e436SShashi Mallela break; 10841b08e436SShashi Mallela default: 10851b08e436SShashi Mallela result = false; 10861b08e436SShashi Mallela break; 10871b08e436SShashi Mallela } 108818f6290aSShashi Mallela return result; 108918f6290aSShashi Mallela } 109018f6290aSShashi Mallela 109118f6290aSShashi Mallela static bool its_readl(GICv3ITSState *s, hwaddr offset, 109218f6290aSShashi Mallela uint64_t *data, MemTxAttrs attrs) 109318f6290aSShashi Mallela { 109418f6290aSShashi Mallela bool result = true; 10951b08e436SShashi Mallela int index; 109618f6290aSShashi Mallela 10971b08e436SShashi Mallela switch (offset) { 10981b08e436SShashi Mallela case GITS_CTLR: 10991b08e436SShashi Mallela *data = s->ctlr; 11001b08e436SShashi Mallela break; 11011b08e436SShashi Mallela case GITS_IIDR: 11021b08e436SShashi Mallela *data = gicv3_iidr(); 11031b08e436SShashi Mallela break; 11041b08e436SShashi Mallela case GITS_IDREGS ... GITS_IDREGS + 0x2f: 11051b08e436SShashi Mallela /* ID registers */ 11061b08e436SShashi Mallela *data = gicv3_idreg(offset - GITS_IDREGS); 11071b08e436SShashi Mallela break; 11081b08e436SShashi Mallela case GITS_TYPER: 11091b08e436SShashi Mallela *data = extract64(s->typer, 0, 32); 11101b08e436SShashi Mallela break; 11111b08e436SShashi Mallela case GITS_TYPER + 4: 11121b08e436SShashi Mallela *data = extract64(s->typer, 32, 32); 11131b08e436SShashi Mallela break; 11141b08e436SShashi Mallela case GITS_CBASER: 11151b08e436SShashi Mallela *data = extract64(s->cbaser, 0, 32); 11161b08e436SShashi Mallela break; 11171b08e436SShashi Mallela case GITS_CBASER + 4: 11181b08e436SShashi Mallela *data = extract64(s->cbaser, 32, 32); 11191b08e436SShashi Mallela break; 11201b08e436SShashi Mallela case GITS_CREADR: 11211b08e436SShashi Mallela *data = extract64(s->creadr, 0, 32); 11221b08e436SShashi Mallela break; 11231b08e436SShashi Mallela case GITS_CREADR + 4: 11241b08e436SShashi Mallela *data = extract64(s->creadr, 32, 32); 11251b08e436SShashi Mallela break; 11261b08e436SShashi Mallela case GITS_CWRITER: 11271b08e436SShashi Mallela *data = extract64(s->cwriter, 0, 32); 11281b08e436SShashi Mallela break; 11291b08e436SShashi Mallela case GITS_CWRITER + 4: 11301b08e436SShashi Mallela *data = extract64(s->cwriter, 32, 32); 11311b08e436SShashi Mallela break; 11321b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 11331b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 11341b08e436SShashi Mallela if (offset & 7) { 11351b08e436SShashi Mallela *data = extract64(s->baser[index], 32, 32); 11361b08e436SShashi Mallela } else { 11371b08e436SShashi Mallela *data = extract64(s->baser[index], 0, 32); 11381b08e436SShashi Mallela } 11391b08e436SShashi Mallela break; 11401b08e436SShashi Mallela default: 11411b08e436SShashi Mallela result = false; 11421b08e436SShashi Mallela break; 11431b08e436SShashi Mallela } 114418f6290aSShashi Mallela return result; 114518f6290aSShashi Mallela } 114618f6290aSShashi Mallela 114718f6290aSShashi Mallela static bool its_writell(GICv3ITSState *s, hwaddr offset, 114818f6290aSShashi Mallela uint64_t value, MemTxAttrs attrs) 114918f6290aSShashi Mallela { 115018f6290aSShashi Mallela bool result = true; 11511b08e436SShashi Mallela int index; 115218f6290aSShashi Mallela 11531b08e436SShashi Mallela switch (offset) { 11541b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 11551b08e436SShashi Mallela /* 11561b08e436SShashi Mallela * IMPDEF choice:- GITS_BASERn register becomes RO if ITS is 11571b08e436SShashi Mallela * already enabled 11581b08e436SShashi Mallela */ 11598d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 11601b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 11610ffe88e6SPeter Maydell if (s->baser[index] == 0) { 11620ffe88e6SPeter Maydell /* Unimplemented GITS_BASERn: RAZ/WI */ 11630ffe88e6SPeter Maydell break; 11640ffe88e6SPeter Maydell } 11651b08e436SShashi Mallela s->baser[index] &= GITS_BASER_RO_MASK; 11661b08e436SShashi Mallela s->baser[index] |= (value & ~GITS_BASER_RO_MASK); 11671b08e436SShashi Mallela } 11681b08e436SShashi Mallela break; 11691b08e436SShashi Mallela case GITS_CBASER: 11701b08e436SShashi Mallela /* 11711b08e436SShashi Mallela * IMPDEF choice:- GITS_CBASER register becomes RO if ITS is 11721b08e436SShashi Mallela * already enabled 11731b08e436SShashi Mallela */ 11748d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 11751b08e436SShashi Mallela s->cbaser = value; 11761b08e436SShashi Mallela s->creadr = 0; 11771b08e436SShashi Mallela } 11781b08e436SShashi Mallela break; 11791b08e436SShashi Mallela case GITS_CWRITER: 11801b08e436SShashi Mallela s->cwriter = value & ~R_GITS_CWRITER_RETRY_MASK; 11817eca39e0SShashi Mallela if (s->cwriter != s->creadr) { 11827eca39e0SShashi Mallela process_cmdq(s); 11837eca39e0SShashi Mallela } 11841b08e436SShashi Mallela break; 11851b08e436SShashi Mallela case GITS_CREADR: 11861b08e436SShashi Mallela if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) { 11871b08e436SShashi Mallela s->creadr = value & ~R_GITS_CREADR_STALLED_MASK; 11881b08e436SShashi Mallela } else { 11891b08e436SShashi Mallela /* RO register, ignore the write */ 11901b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 11911b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 11921b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 11931b08e436SShashi Mallela } 11941b08e436SShashi Mallela break; 11951b08e436SShashi Mallela case GITS_TYPER: 11961b08e436SShashi Mallela /* RO registers, ignore the write */ 11971b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 11981b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 11991b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 12001b08e436SShashi Mallela break; 12011b08e436SShashi Mallela default: 12021b08e436SShashi Mallela result = false; 12031b08e436SShashi Mallela break; 12041b08e436SShashi Mallela } 120518f6290aSShashi Mallela return result; 120618f6290aSShashi Mallela } 120718f6290aSShashi Mallela 120818f6290aSShashi Mallela static bool its_readll(GICv3ITSState *s, hwaddr offset, 120918f6290aSShashi Mallela uint64_t *data, MemTxAttrs attrs) 121018f6290aSShashi Mallela { 121118f6290aSShashi Mallela bool result = true; 12121b08e436SShashi Mallela int index; 121318f6290aSShashi Mallela 12141b08e436SShashi Mallela switch (offset) { 12151b08e436SShashi Mallela case GITS_TYPER: 12161b08e436SShashi Mallela *data = s->typer; 12171b08e436SShashi Mallela break; 12181b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 12191b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 12201b08e436SShashi Mallela *data = s->baser[index]; 12211b08e436SShashi Mallela break; 12221b08e436SShashi Mallela case GITS_CBASER: 12231b08e436SShashi Mallela *data = s->cbaser; 12241b08e436SShashi Mallela break; 12251b08e436SShashi Mallela case GITS_CREADR: 12261b08e436SShashi Mallela *data = s->creadr; 12271b08e436SShashi Mallela break; 12281b08e436SShashi Mallela case GITS_CWRITER: 12291b08e436SShashi Mallela *data = s->cwriter; 12301b08e436SShashi Mallela break; 12311b08e436SShashi Mallela default: 12321b08e436SShashi Mallela result = false; 12331b08e436SShashi Mallela break; 12341b08e436SShashi Mallela } 123518f6290aSShashi Mallela return result; 123618f6290aSShashi Mallela } 123718f6290aSShashi Mallela 123818f6290aSShashi Mallela static MemTxResult gicv3_its_read(void *opaque, hwaddr offset, uint64_t *data, 123918f6290aSShashi Mallela unsigned size, MemTxAttrs attrs) 124018f6290aSShashi Mallela { 124118f6290aSShashi Mallela GICv3ITSState *s = (GICv3ITSState *)opaque; 124218f6290aSShashi Mallela bool result; 124318f6290aSShashi Mallela 124418f6290aSShashi Mallela switch (size) { 124518f6290aSShashi Mallela case 4: 124618f6290aSShashi Mallela result = its_readl(s, offset, data, attrs); 124718f6290aSShashi Mallela break; 124818f6290aSShashi Mallela case 8: 124918f6290aSShashi Mallela result = its_readll(s, offset, data, attrs); 125018f6290aSShashi Mallela break; 125118f6290aSShashi Mallela default: 125218f6290aSShashi Mallela result = false; 125318f6290aSShashi Mallela break; 125418f6290aSShashi Mallela } 125518f6290aSShashi Mallela 125618f6290aSShashi Mallela if (!result) { 125718f6290aSShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 125818f6290aSShashi Mallela "%s: invalid guest read at offset " TARGET_FMT_plx 125918f6290aSShashi Mallela "size %u\n", __func__, offset, size); 1260195209d3SPeter Maydell trace_gicv3_its_badread(offset, size); 126118f6290aSShashi Mallela /* 126218f6290aSShashi Mallela * The spec requires that reserved registers are RAZ/WI; 126318f6290aSShashi Mallela * so use false returns from leaf functions as a way to 126418f6290aSShashi Mallela * trigger the guest-error logging but don't return it to 126518f6290aSShashi Mallela * the caller, or we'll cause a spurious guest data abort. 126618f6290aSShashi Mallela */ 126718f6290aSShashi Mallela *data = 0; 1268195209d3SPeter Maydell } else { 1269195209d3SPeter Maydell trace_gicv3_its_read(offset, *data, size); 127018f6290aSShashi Mallela } 127118f6290aSShashi Mallela return MEMTX_OK; 127218f6290aSShashi Mallela } 127318f6290aSShashi Mallela 127418f6290aSShashi Mallela static MemTxResult gicv3_its_write(void *opaque, hwaddr offset, uint64_t data, 127518f6290aSShashi Mallela unsigned size, MemTxAttrs attrs) 127618f6290aSShashi Mallela { 127718f6290aSShashi Mallela GICv3ITSState *s = (GICv3ITSState *)opaque; 127818f6290aSShashi Mallela bool result; 127918f6290aSShashi Mallela 128018f6290aSShashi Mallela switch (size) { 128118f6290aSShashi Mallela case 4: 128218f6290aSShashi Mallela result = its_writel(s, offset, data, attrs); 128318f6290aSShashi Mallela break; 128418f6290aSShashi Mallela case 8: 128518f6290aSShashi Mallela result = its_writell(s, offset, data, attrs); 128618f6290aSShashi Mallela break; 128718f6290aSShashi Mallela default: 128818f6290aSShashi Mallela result = false; 128918f6290aSShashi Mallela break; 129018f6290aSShashi Mallela } 129118f6290aSShashi Mallela 129218f6290aSShashi Mallela if (!result) { 129318f6290aSShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 129418f6290aSShashi Mallela "%s: invalid guest write at offset " TARGET_FMT_plx 129518f6290aSShashi Mallela "size %u\n", __func__, offset, size); 1296195209d3SPeter Maydell trace_gicv3_its_badwrite(offset, data, size); 129718f6290aSShashi Mallela /* 129818f6290aSShashi Mallela * The spec requires that reserved registers are RAZ/WI; 129918f6290aSShashi Mallela * so use false returns from leaf functions as a way to 130018f6290aSShashi Mallela * trigger the guest-error logging but don't return it to 130118f6290aSShashi Mallela * the caller, or we'll cause a spurious guest data abort. 130218f6290aSShashi Mallela */ 1303195209d3SPeter Maydell } else { 1304195209d3SPeter Maydell trace_gicv3_its_write(offset, data, size); 130518f6290aSShashi Mallela } 130618f6290aSShashi Mallela return MEMTX_OK; 130718f6290aSShashi Mallela } 130818f6290aSShashi Mallela 130918f6290aSShashi Mallela static const MemoryRegionOps gicv3_its_control_ops = { 131018f6290aSShashi Mallela .read_with_attrs = gicv3_its_read, 131118f6290aSShashi Mallela .write_with_attrs = gicv3_its_write, 131218f6290aSShashi Mallela .valid.min_access_size = 4, 131318f6290aSShashi Mallela .valid.max_access_size = 8, 131418f6290aSShashi Mallela .impl.min_access_size = 4, 131518f6290aSShashi Mallela .impl.max_access_size = 8, 131618f6290aSShashi Mallela .endianness = DEVICE_NATIVE_ENDIAN, 131718f6290aSShashi Mallela }; 131818f6290aSShashi Mallela 131918f6290aSShashi Mallela static const MemoryRegionOps gicv3_its_translation_ops = { 13207e062b98SPeter Maydell .read_with_attrs = gicv3_its_translation_read, 132118f6290aSShashi Mallela .write_with_attrs = gicv3_its_translation_write, 132218f6290aSShashi Mallela .valid.min_access_size = 2, 132318f6290aSShashi Mallela .valid.max_access_size = 4, 132418f6290aSShashi Mallela .impl.min_access_size = 2, 132518f6290aSShashi Mallela .impl.max_access_size = 4, 132618f6290aSShashi Mallela .endianness = DEVICE_NATIVE_ENDIAN, 132718f6290aSShashi Mallela }; 132818f6290aSShashi Mallela 132918f6290aSShashi Mallela static void gicv3_arm_its_realize(DeviceState *dev, Error **errp) 133018f6290aSShashi Mallela { 133118f6290aSShashi Mallela GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev); 133218f6290aSShashi Mallela int i; 133318f6290aSShashi Mallela 133418f6290aSShashi Mallela for (i = 0; i < s->gicv3->num_cpu; i++) { 133518f6290aSShashi Mallela if (!(s->gicv3->cpu[i].gicr_typer & GICR_TYPER_PLPIS)) { 133618f6290aSShashi Mallela error_setg(errp, "Physical LPI not supported by CPU %d", i); 133718f6290aSShashi Mallela return; 133818f6290aSShashi Mallela } 133918f6290aSShashi Mallela } 134018f6290aSShashi Mallela 134118f6290aSShashi Mallela gicv3_its_init_mmio(s, &gicv3_its_control_ops, &gicv3_its_translation_ops); 134218f6290aSShashi Mallela 134318f6290aSShashi Mallela /* set the ITS default features supported */ 1344764d6ba1SPeter Maydell s->typer = FIELD_DP64(s->typer, GITS_TYPER, PHYSICAL, 1); 134518f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, ITT_ENTRY_SIZE, 134618f6290aSShashi Mallela ITS_ITT_ENTRY_SIZE - 1); 134718f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, IDBITS, ITS_IDBITS); 134818f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, DEVBITS, ITS_DEVBITS); 134918f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, CIL, 1); 135018f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, CIDBITS, ITS_CIDBITS); 135118f6290aSShashi Mallela } 135218f6290aSShashi Mallela 135318f6290aSShashi Mallela static void gicv3_its_reset(DeviceState *dev) 135418f6290aSShashi Mallela { 135518f6290aSShashi Mallela GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev); 135618f6290aSShashi Mallela GICv3ITSClass *c = ARM_GICV3_ITS_GET_CLASS(s); 135718f6290aSShashi Mallela 135818f6290aSShashi Mallela c->parent_reset(dev); 135918f6290aSShashi Mallela 136018f6290aSShashi Mallela /* Quiescent bit reset to 1 */ 136118f6290aSShashi Mallela s->ctlr = FIELD_DP32(s->ctlr, GITS_CTLR, QUIESCENT, 1); 136218f6290aSShashi Mallela 136318f6290aSShashi Mallela /* 136418f6290aSShashi Mallela * setting GITS_BASER0.Type = 0b001 (Device) 136518f6290aSShashi Mallela * GITS_BASER1.Type = 0b100 (Collection Table) 136618f6290aSShashi Mallela * GITS_BASER<n>.Type,where n = 3 to 7 are 0b00 (Unimplemented) 136718f6290aSShashi Mallela * GITS_BASER<0,1>.Page_Size = 64KB 136818f6290aSShashi Mallela * and default translation table entry size to 16 bytes 136918f6290aSShashi Mallela */ 137018f6290aSShashi Mallela s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, TYPE, 137118f6290aSShashi Mallela GITS_BASER_TYPE_DEVICE); 137218f6290aSShashi Mallela s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, PAGESIZE, 137318f6290aSShashi Mallela GITS_BASER_PAGESIZE_64K); 137418f6290aSShashi Mallela s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, ENTRYSIZE, 137518f6290aSShashi Mallela GITS_DTE_SIZE - 1); 137618f6290aSShashi Mallela 137718f6290aSShashi Mallela s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, TYPE, 137818f6290aSShashi Mallela GITS_BASER_TYPE_COLLECTION); 137918f6290aSShashi Mallela s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, PAGESIZE, 138018f6290aSShashi Mallela GITS_BASER_PAGESIZE_64K); 138118f6290aSShashi Mallela s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, ENTRYSIZE, 138218f6290aSShashi Mallela GITS_CTE_SIZE - 1); 138318f6290aSShashi Mallela } 138418f6290aSShashi Mallela 13851b08e436SShashi Mallela static void gicv3_its_post_load(GICv3ITSState *s) 13861b08e436SShashi Mallela { 13878d2d6dd9SPeter Maydell if (s->ctlr & R_GITS_CTLR_ENABLED_MASK) { 13881b08e436SShashi Mallela extract_table_params(s); 13891b08e436SShashi Mallela extract_cmdq_params(s); 13901b08e436SShashi Mallela } 13911b08e436SShashi Mallela } 13921b08e436SShashi Mallela 139318f6290aSShashi Mallela static Property gicv3_its_props[] = { 139418f6290aSShashi Mallela DEFINE_PROP_LINK("parent-gicv3", GICv3ITSState, gicv3, "arm-gicv3", 139518f6290aSShashi Mallela GICv3State *), 139618f6290aSShashi Mallela DEFINE_PROP_END_OF_LIST(), 139718f6290aSShashi Mallela }; 139818f6290aSShashi Mallela 139918f6290aSShashi Mallela static void gicv3_its_class_init(ObjectClass *klass, void *data) 140018f6290aSShashi Mallela { 140118f6290aSShashi Mallela DeviceClass *dc = DEVICE_CLASS(klass); 140218f6290aSShashi Mallela GICv3ITSClass *ic = ARM_GICV3_ITS_CLASS(klass); 14031b08e436SShashi Mallela GICv3ITSCommonClass *icc = ARM_GICV3_ITS_COMMON_CLASS(klass); 140418f6290aSShashi Mallela 140518f6290aSShashi Mallela dc->realize = gicv3_arm_its_realize; 140618f6290aSShashi Mallela device_class_set_props(dc, gicv3_its_props); 140718f6290aSShashi Mallela device_class_set_parent_reset(dc, gicv3_its_reset, &ic->parent_reset); 14081b08e436SShashi Mallela icc->post_load = gicv3_its_post_load; 140918f6290aSShashi Mallela } 141018f6290aSShashi Mallela 141118f6290aSShashi Mallela static const TypeInfo gicv3_its_info = { 141218f6290aSShashi Mallela .name = TYPE_ARM_GICV3_ITS, 141318f6290aSShashi Mallela .parent = TYPE_ARM_GICV3_ITS_COMMON, 141418f6290aSShashi Mallela .instance_size = sizeof(GICv3ITSState), 141518f6290aSShashi Mallela .class_init = gicv3_its_class_init, 141618f6290aSShashi Mallela .class_size = sizeof(GICv3ITSClass), 141718f6290aSShashi Mallela }; 141818f6290aSShashi Mallela 141918f6290aSShashi Mallela static void gicv3_its_register_types(void) 142018f6290aSShashi Mallela { 142118f6290aSShashi Mallela type_register_static(&gicv3_its_info); 142218f6290aSShashi Mallela } 142318f6290aSShashi Mallela 142418f6290aSShashi Mallela type_init(gicv3_its_register_types) 1425