118f6290aSShashi Mallela /* 218f6290aSShashi Mallela * ITS emulation for a GICv3-based system 318f6290aSShashi Mallela * 418f6290aSShashi Mallela * Copyright Linaro.org 2021 518f6290aSShashi Mallela * 618f6290aSShashi Mallela * Authors: 718f6290aSShashi Mallela * Shashi Mallela <shashi.mallela@linaro.org> 818f6290aSShashi Mallela * 918f6290aSShashi Mallela * This work is licensed under the terms of the GNU GPL, version 2 or (at your 1018f6290aSShashi Mallela * option) any later version. See the COPYING file in the top-level directory. 1118f6290aSShashi Mallela * 1218f6290aSShashi Mallela */ 1318f6290aSShashi Mallela 1418f6290aSShashi Mallela #include "qemu/osdep.h" 1518f6290aSShashi Mallela #include "qemu/log.h" 16195209d3SPeter Maydell #include "trace.h" 1718f6290aSShashi Mallela #include "hw/qdev-properties.h" 1818f6290aSShashi Mallela #include "hw/intc/arm_gicv3_its_common.h" 1918f6290aSShashi Mallela #include "gicv3_internal.h" 2018f6290aSShashi Mallela #include "qom/object.h" 2118f6290aSShashi Mallela #include "qapi/error.h" 2218f6290aSShashi Mallela 2318f6290aSShashi Mallela typedef struct GICv3ITSClass GICv3ITSClass; 2418f6290aSShashi Mallela /* This is reusing the GICv3ITSState typedef from ARM_GICV3_ITS_COMMON */ 2518f6290aSShashi Mallela DECLARE_OBJ_CHECKERS(GICv3ITSState, GICv3ITSClass, 2618f6290aSShashi Mallela ARM_GICV3_ITS, TYPE_ARM_GICV3_ITS) 2718f6290aSShashi Mallela 2818f6290aSShashi Mallela struct GICv3ITSClass { 2918f6290aSShashi Mallela GICv3ITSCommonClass parent_class; 3018f6290aSShashi Mallela void (*parent_reset)(DeviceState *dev); 3118f6290aSShashi Mallela }; 3218f6290aSShashi Mallela 33c694cb4cSShashi Mallela /* 34c694cb4cSShashi Mallela * This is an internal enum used to distinguish between LPI triggered 35c694cb4cSShashi Mallela * via command queue and LPI triggered via gits_translater write. 36c694cb4cSShashi Mallela */ 37c694cb4cSShashi Mallela typedef enum ItsCmdType { 38c694cb4cSShashi Mallela NONE = 0, /* internal indication for GITS_TRANSLATER write */ 39c694cb4cSShashi Mallela CLEAR = 1, 40c694cb4cSShashi Mallela DISCARD = 2, 41c694cb4cSShashi Mallela INTERRUPT = 3, 42c694cb4cSShashi Mallela } ItsCmdType; 43c694cb4cSShashi Mallela 44c694cb4cSShashi Mallela typedef struct { 45c694cb4cSShashi Mallela uint32_t iteh; 46c694cb4cSShashi Mallela uint64_t itel; 47c694cb4cSShashi Mallela } IteEntry; 48c694cb4cSShashi Mallela 49ef011555SPeter Maydell /* 50ef011555SPeter Maydell * The ITS spec permits a range of CONSTRAINED UNPREDICTABLE options 51ef011555SPeter Maydell * if a command parameter is not correct. These include both "stall 52ef011555SPeter Maydell * processing of the command queue" and "ignore this command, and 53ef011555SPeter Maydell * keep processing the queue". In our implementation we choose that 54ef011555SPeter Maydell * memory transaction errors reading the command packet provoke a 55ef011555SPeter Maydell * stall, but errors in parameters cause us to ignore the command 56ef011555SPeter Maydell * and continue processing. 57ef011555SPeter Maydell * The process_* functions which handle individual ITS commands all 58ef011555SPeter Maydell * return an ItsCmdResult which tells process_cmdq() whether it should 59ef011555SPeter Maydell * stall or keep going. 60ef011555SPeter Maydell */ 61ef011555SPeter Maydell typedef enum ItsCmdResult { 62ef011555SPeter Maydell CMD_STALL = 0, 63ef011555SPeter Maydell CMD_CONTINUE = 1, 64ef011555SPeter Maydell } ItsCmdResult; 65ef011555SPeter Maydell 661b08e436SShashi Mallela static uint64_t baser_base_addr(uint64_t value, uint32_t page_sz) 671b08e436SShashi Mallela { 681b08e436SShashi Mallela uint64_t result = 0; 691b08e436SShashi Mallela 701b08e436SShashi Mallela switch (page_sz) { 711b08e436SShashi Mallela case GITS_PAGE_SIZE_4K: 721b08e436SShashi Mallela case GITS_PAGE_SIZE_16K: 731b08e436SShashi Mallela result = FIELD_EX64(value, GITS_BASER, PHYADDR) << 12; 741b08e436SShashi Mallela break; 751b08e436SShashi Mallela 761b08e436SShashi Mallela case GITS_PAGE_SIZE_64K: 771b08e436SShashi Mallela result = FIELD_EX64(value, GITS_BASER, PHYADDRL_64K) << 16; 781b08e436SShashi Mallela result |= FIELD_EX64(value, GITS_BASER, PHYADDRH_64K) << 48; 791b08e436SShashi Mallela break; 801b08e436SShashi Mallela 811b08e436SShashi Mallela default: 821b08e436SShashi Mallela break; 831b08e436SShashi Mallela } 841b08e436SShashi Mallela return result; 851b08e436SShashi Mallela } 861b08e436SShashi Mallela 87d050f80fSPeter Maydell static uint64_t table_entry_addr(GICv3ITSState *s, TableDesc *td, 88d050f80fSPeter Maydell uint32_t idx, MemTxResult *res) 89d050f80fSPeter Maydell { 90d050f80fSPeter Maydell /* 91d050f80fSPeter Maydell * Given a TableDesc describing one of the ITS in-guest-memory 92d050f80fSPeter Maydell * tables and an index into it, return the guest address 93d050f80fSPeter Maydell * corresponding to that table entry. 94d050f80fSPeter Maydell * If there was a memory error reading the L1 table of an 95d050f80fSPeter Maydell * indirect table, *res is set accordingly, and we return -1. 96d050f80fSPeter Maydell * If the L1 table entry is marked not valid, we return -1 with 97d050f80fSPeter Maydell * *res set to MEMTX_OK. 98d050f80fSPeter Maydell * 99d050f80fSPeter Maydell * The specification defines the format of level 1 entries of a 100d050f80fSPeter Maydell * 2-level table, but the format of level 2 entries and the format 101d050f80fSPeter Maydell * of flat-mapped tables is IMPDEF. 102d050f80fSPeter Maydell */ 103d050f80fSPeter Maydell AddressSpace *as = &s->gicv3->dma_as; 104d050f80fSPeter Maydell uint32_t l2idx; 105d050f80fSPeter Maydell uint64_t l2; 106d050f80fSPeter Maydell uint32_t num_l2_entries; 107d050f80fSPeter Maydell 108d050f80fSPeter Maydell *res = MEMTX_OK; 109d050f80fSPeter Maydell 110d050f80fSPeter Maydell if (!td->indirect) { 111d050f80fSPeter Maydell /* Single level table */ 112d050f80fSPeter Maydell return td->base_addr + idx * td->entry_sz; 113d050f80fSPeter Maydell } 114d050f80fSPeter Maydell 115d050f80fSPeter Maydell /* Two level table */ 116d050f80fSPeter Maydell l2idx = idx / (td->page_sz / L1TABLE_ENTRY_SIZE); 117d050f80fSPeter Maydell 118d050f80fSPeter Maydell l2 = address_space_ldq_le(as, 119d050f80fSPeter Maydell td->base_addr + (l2idx * L1TABLE_ENTRY_SIZE), 120d050f80fSPeter Maydell MEMTXATTRS_UNSPECIFIED, res); 121d050f80fSPeter Maydell if (*res != MEMTX_OK) { 122d050f80fSPeter Maydell return -1; 123d050f80fSPeter Maydell } 124d050f80fSPeter Maydell if (!(l2 & L2_TABLE_VALID_MASK)) { 125d050f80fSPeter Maydell return -1; 126d050f80fSPeter Maydell } 127d050f80fSPeter Maydell 128d050f80fSPeter Maydell num_l2_entries = td->page_sz / td->entry_sz; 129d050f80fSPeter Maydell return (l2 & ((1ULL << 51) - 1)) + (idx % num_l2_entries) * td->entry_sz; 130d050f80fSPeter Maydell } 131d050f80fSPeter Maydell 132c694cb4cSShashi Mallela static bool get_cte(GICv3ITSState *s, uint16_t icid, uint64_t *cte, 133c694cb4cSShashi Mallela MemTxResult *res) 134c694cb4cSShashi Mallela { 135c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 136d050f80fSPeter Maydell uint64_t entry_addr = table_entry_addr(s, &s->ct, icid, res); 137c694cb4cSShashi Mallela 138d050f80fSPeter Maydell if (entry_addr == -1) { 139d050f80fSPeter Maydell return false; /* not valid */ 140c694cb4cSShashi Mallela } 141c694cb4cSShashi Mallela 142d050f80fSPeter Maydell *cte = address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, res); 143437dc0eaSPeter Maydell return FIELD_EX64(*cte, CTE, VALID); 144c694cb4cSShashi Mallela } 145c694cb4cSShashi Mallela 146c694cb4cSShashi Mallela static bool update_ite(GICv3ITSState *s, uint32_t eventid, uint64_t dte, 147c694cb4cSShashi Mallela IteEntry ite) 148c694cb4cSShashi Mallela { 149c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 150c694cb4cSShashi Mallela uint64_t itt_addr; 151c694cb4cSShashi Mallela MemTxResult res = MEMTX_OK; 152c694cb4cSShashi Mallela 153e07f8445SPeter Maydell itt_addr = FIELD_EX64(dte, DTE, ITTADDR); 154c694cb4cSShashi Mallela itt_addr <<= ITTADDR_SHIFT; /* 256 byte aligned */ 155c694cb4cSShashi Mallela 156c694cb4cSShashi Mallela address_space_stq_le(as, itt_addr + (eventid * (sizeof(uint64_t) + 157c694cb4cSShashi Mallela sizeof(uint32_t))), ite.itel, MEMTXATTRS_UNSPECIFIED, 158c694cb4cSShashi Mallela &res); 159c694cb4cSShashi Mallela 160c694cb4cSShashi Mallela if (res == MEMTX_OK) { 161c694cb4cSShashi Mallela address_space_stl_le(as, itt_addr + (eventid * (sizeof(uint64_t) + 162c694cb4cSShashi Mallela sizeof(uint32_t))) + sizeof(uint32_t), ite.iteh, 163c694cb4cSShashi Mallela MEMTXATTRS_UNSPECIFIED, &res); 164c694cb4cSShashi Mallela } 165c694cb4cSShashi Mallela if (res != MEMTX_OK) { 166c694cb4cSShashi Mallela return false; 167c694cb4cSShashi Mallela } else { 168c694cb4cSShashi Mallela return true; 169c694cb4cSShashi Mallela } 170c694cb4cSShashi Mallela } 171c694cb4cSShashi Mallela 172c694cb4cSShashi Mallela static bool get_ite(GICv3ITSState *s, uint32_t eventid, uint64_t dte, 173c694cb4cSShashi Mallela uint16_t *icid, uint32_t *pIntid, MemTxResult *res) 174c694cb4cSShashi Mallela { 175c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 176c694cb4cSShashi Mallela uint64_t itt_addr; 177c694cb4cSShashi Mallela bool status = false; 178c694cb4cSShashi Mallela IteEntry ite = {}; 179c694cb4cSShashi Mallela 180e07f8445SPeter Maydell itt_addr = FIELD_EX64(dte, DTE, ITTADDR); 181c694cb4cSShashi Mallela itt_addr <<= ITTADDR_SHIFT; /* 256 byte aligned */ 182c694cb4cSShashi Mallela 183c694cb4cSShashi Mallela ite.itel = address_space_ldq_le(as, itt_addr + 184c694cb4cSShashi Mallela (eventid * (sizeof(uint64_t) + 185c694cb4cSShashi Mallela sizeof(uint32_t))), MEMTXATTRS_UNSPECIFIED, 186c694cb4cSShashi Mallela res); 187c694cb4cSShashi Mallela 188c694cb4cSShashi Mallela if (*res == MEMTX_OK) { 189c694cb4cSShashi Mallela ite.iteh = address_space_ldl_le(as, itt_addr + 190c694cb4cSShashi Mallela (eventid * (sizeof(uint64_t) + 191c694cb4cSShashi Mallela sizeof(uint32_t))) + sizeof(uint32_t), 192c694cb4cSShashi Mallela MEMTXATTRS_UNSPECIFIED, res); 193c694cb4cSShashi Mallela 194c694cb4cSShashi Mallela if (*res == MEMTX_OK) { 195764d6ba1SPeter Maydell if (FIELD_EX64(ite.itel, ITE_L, VALID)) { 196764d6ba1SPeter Maydell int inttype = FIELD_EX64(ite.itel, ITE_L, INTTYPE); 197764d6ba1SPeter Maydell if (inttype == ITE_INTTYPE_PHYSICAL) { 198764d6ba1SPeter Maydell *pIntid = FIELD_EX64(ite.itel, ITE_L, INTID); 199764d6ba1SPeter Maydell *icid = FIELD_EX32(ite.iteh, ITE_H, ICID); 200c694cb4cSShashi Mallela status = true; 201c694cb4cSShashi Mallela } 202c694cb4cSShashi Mallela } 203c694cb4cSShashi Mallela } 204c694cb4cSShashi Mallela } 205c694cb4cSShashi Mallela return status; 206c694cb4cSShashi Mallela } 207c694cb4cSShashi Mallela 208c694cb4cSShashi Mallela static uint64_t get_dte(GICv3ITSState *s, uint32_t devid, MemTxResult *res) 209c694cb4cSShashi Mallela { 210c694cb4cSShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 211d050f80fSPeter Maydell uint64_t entry_addr = table_entry_addr(s, &s->dt, devid, res); 212c694cb4cSShashi Mallela 213d050f80fSPeter Maydell if (entry_addr == -1) { 214d050f80fSPeter Maydell return 0; /* a DTE entry with the Valid bit clear */ 215c694cb4cSShashi Mallela } 216d050f80fSPeter Maydell return address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, res); 217c694cb4cSShashi Mallela } 218c694cb4cSShashi Mallela 219c694cb4cSShashi Mallela /* 220c694cb4cSShashi Mallela * This function handles the processing of following commands based on 221c694cb4cSShashi Mallela * the ItsCmdType parameter passed:- 222c694cb4cSShashi Mallela * 1. triggering of lpi interrupt translation via ITS INT command 223c694cb4cSShashi Mallela * 2. triggering of lpi interrupt translation via gits_translater register 224c694cb4cSShashi Mallela * 3. handling of ITS CLEAR command 225c694cb4cSShashi Mallela * 4. handling of ITS DISCARD command 226c694cb4cSShashi Mallela */ 227*b6f96009SPeter Maydell static ItsCmdResult do_process_its_cmd(GICv3ITSState *s, uint32_t devid, 228*b6f96009SPeter Maydell uint32_t eventid, ItsCmdType cmd) 229c694cb4cSShashi Mallela { 230c694cb4cSShashi Mallela MemTxResult res = MEMTX_OK; 231c694cb4cSShashi Mallela bool dte_valid; 232c694cb4cSShashi Mallela uint64_t dte = 0; 2338f809f69SPeter Maydell uint64_t num_eventids; 234c694cb4cSShashi Mallela uint16_t icid = 0; 235c694cb4cSShashi Mallela uint32_t pIntid = 0; 236c694cb4cSShashi Mallela bool ite_valid = false; 237c694cb4cSShashi Mallela uint64_t cte = 0; 238c694cb4cSShashi Mallela bool cte_valid = false; 23917fb5e36SShashi Mallela uint64_t rdbase; 240c694cb4cSShashi Mallela 2418b8bb014SPeter Maydell if (devid >= s->dt.num_entries) { 242b13148d9SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 243b13148d9SPeter Maydell "%s: invalid command attributes: devid %d>=%d", 2448b8bb014SPeter Maydell __func__, devid, s->dt.num_entries); 245b13148d9SPeter Maydell return CMD_CONTINUE; 246b13148d9SPeter Maydell } 247b13148d9SPeter Maydell 248c694cb4cSShashi Mallela dte = get_dte(s, devid, &res); 249c694cb4cSShashi Mallela 250c694cb4cSShashi Mallela if (res != MEMTX_OK) { 251593a7cc2SPeter Maydell return CMD_STALL; 252c694cb4cSShashi Mallela } 253e07f8445SPeter Maydell dte_valid = FIELD_EX64(dte, DTE, VALID); 254c694cb4cSShashi Mallela 255be0ed8fbSPeter Maydell if (!dte_valid) { 256229c57b1SAlex Bennée qemu_log_mask(LOG_GUEST_ERROR, 257229c57b1SAlex Bennée "%s: invalid command attributes: " 258be0ed8fbSPeter Maydell "invalid dte: %"PRIx64" for %d\n", 259be0ed8fbSPeter Maydell __func__, dte, devid); 260593a7cc2SPeter Maydell return CMD_CONTINUE; 261c694cb4cSShashi Mallela } 262c694cb4cSShashi Mallela 263be0ed8fbSPeter Maydell num_eventids = 1ULL << (FIELD_EX64(dte, DTE, SIZE) + 1); 264229c57b1SAlex Bennée 265b13148d9SPeter Maydell if (eventid >= num_eventids) { 266b13148d9SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 267b13148d9SPeter Maydell "%s: invalid command attributes: eventid %d >= %" 268b13148d9SPeter Maydell PRId64 "\n", 269b13148d9SPeter Maydell __func__, eventid, num_eventids); 270b13148d9SPeter Maydell return CMD_CONTINUE; 271b13148d9SPeter Maydell } 272b13148d9SPeter Maydell 273be0ed8fbSPeter Maydell ite_valid = get_ite(s, eventid, dte, &icid, &pIntid, &res); 274be0ed8fbSPeter Maydell if (res != MEMTX_OK) { 275be0ed8fbSPeter Maydell return CMD_STALL; 276be0ed8fbSPeter Maydell } 277be0ed8fbSPeter Maydell 278be0ed8fbSPeter Maydell if (!ite_valid) { 279be0ed8fbSPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 280be0ed8fbSPeter Maydell "%s: invalid command attributes: invalid ITE\n", 281be0ed8fbSPeter Maydell __func__); 282be0ed8fbSPeter Maydell return CMD_CONTINUE; 283be0ed8fbSPeter Maydell } 284be0ed8fbSPeter Maydell 2858b8bb014SPeter Maydell if (icid >= s->ct.num_entries) { 28658b88779SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 28758b88779SPeter Maydell "%s: invalid ICID 0x%x in ITE (table corrupted?)\n", 28858b88779SPeter Maydell __func__, icid); 28958b88779SPeter Maydell return CMD_CONTINUE; 29058b88779SPeter Maydell } 29158b88779SPeter Maydell 292be0ed8fbSPeter Maydell cte_valid = get_cte(s, icid, &cte, &res); 293be0ed8fbSPeter Maydell if (res != MEMTX_OK) { 294be0ed8fbSPeter Maydell return CMD_STALL; 295be0ed8fbSPeter Maydell } 296be0ed8fbSPeter Maydell if (!cte_valid) { 297be0ed8fbSPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 298be0ed8fbSPeter Maydell "%s: invalid command attributes: " 299be0ed8fbSPeter Maydell "invalid cte: %"PRIx64"\n", 300be0ed8fbSPeter Maydell __func__, cte); 301be0ed8fbSPeter Maydell return CMD_CONTINUE; 302be0ed8fbSPeter Maydell } 303be0ed8fbSPeter Maydell 304c694cb4cSShashi Mallela /* 305c694cb4cSShashi Mallela * Current implementation only supports rdbase == procnum 306c694cb4cSShashi Mallela * Hence rdbase physical address is ignored 307c694cb4cSShashi Mallela */ 308437dc0eaSPeter Maydell rdbase = FIELD_EX64(cte, CTE, RDBASE); 30917fb5e36SShashi Mallela 310a120157bSPeter Maydell if (rdbase >= s->gicv3->num_cpu) { 311593a7cc2SPeter Maydell return CMD_CONTINUE; 31217fb5e36SShashi Mallela } 31317fb5e36SShashi Mallela 31417fb5e36SShashi Mallela if ((cmd == CLEAR) || (cmd == DISCARD)) { 31517fb5e36SShashi Mallela gicv3_redist_process_lpi(&s->gicv3->cpu[rdbase], pIntid, 0); 31617fb5e36SShashi Mallela } else { 31717fb5e36SShashi Mallela gicv3_redist_process_lpi(&s->gicv3->cpu[rdbase], pIntid, 1); 31817fb5e36SShashi Mallela } 31917fb5e36SShashi Mallela 320c694cb4cSShashi Mallela if (cmd == DISCARD) { 321c694cb4cSShashi Mallela IteEntry ite = {}; 322c694cb4cSShashi Mallela /* remove mapping from interrupt translation table */ 323593a7cc2SPeter Maydell return update_ite(s, eventid, dte, ite) ? CMD_CONTINUE : CMD_STALL; 324c694cb4cSShashi Mallela } 325593a7cc2SPeter Maydell return CMD_CONTINUE; 326c694cb4cSShashi Mallela } 327*b6f96009SPeter Maydell static ItsCmdResult process_its_cmd(GICv3ITSState *s, const uint64_t *cmdpkt, 328*b6f96009SPeter Maydell ItsCmdType cmd) 329c694cb4cSShashi Mallela { 330*b6f96009SPeter Maydell uint32_t devid, eventid; 331*b6f96009SPeter Maydell 332*b6f96009SPeter Maydell devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT; 333*b6f96009SPeter Maydell eventid = cmdpkt[1] & EVENTID_MASK; 334*b6f96009SPeter Maydell return do_process_its_cmd(s, devid, eventid, cmd); 335*b6f96009SPeter Maydell } 336*b6f96009SPeter Maydell 337*b6f96009SPeter Maydell static ItsCmdResult process_mapti(GICv3ITSState *s, const uint64_t *cmdpkt, 338*b6f96009SPeter Maydell bool ignore_pInt) 339*b6f96009SPeter Maydell { 340c694cb4cSShashi Mallela uint32_t devid, eventid; 341c694cb4cSShashi Mallela uint32_t pIntid = 0; 3428f809f69SPeter Maydell uint64_t num_eventids; 343905720f1SPeter Maydell uint32_t num_intids; 344c694cb4cSShashi Mallela bool dte_valid; 345c694cb4cSShashi Mallela MemTxResult res = MEMTX_OK; 346c694cb4cSShashi Mallela uint16_t icid = 0; 347c694cb4cSShashi Mallela uint64_t dte = 0; 3480241f731SPeter Maydell IteEntry ite = {}; 349c694cb4cSShashi Mallela 350*b6f96009SPeter Maydell devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT; 351*b6f96009SPeter Maydell eventid = cmdpkt[1] & EVENTID_MASK; 352c694cb4cSShashi Mallela 353b87fab1cSPeter Maydell if (ignore_pInt) { 354b87fab1cSPeter Maydell pIntid = eventid; 355b87fab1cSPeter Maydell } else { 356*b6f96009SPeter Maydell pIntid = (cmdpkt[1] & pINTID_MASK) >> pINTID_SHIFT; 357c694cb4cSShashi Mallela } 358c694cb4cSShashi Mallela 359*b6f96009SPeter Maydell icid = cmdpkt[2] & ICID_MASK; 360c694cb4cSShashi Mallela 3618b8bb014SPeter Maydell if (devid >= s->dt.num_entries) { 362b13148d9SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 363b13148d9SPeter Maydell "%s: invalid command attributes: devid %d>=%d", 3648b8bb014SPeter Maydell __func__, devid, s->dt.num_entries); 365b13148d9SPeter Maydell return CMD_CONTINUE; 366b13148d9SPeter Maydell } 367b13148d9SPeter Maydell 368c694cb4cSShashi Mallela dte = get_dte(s, devid, &res); 369c694cb4cSShashi Mallela 370c694cb4cSShashi Mallela if (res != MEMTX_OK) { 3710241f731SPeter Maydell return CMD_STALL; 372c694cb4cSShashi Mallela } 373e07f8445SPeter Maydell dte_valid = FIELD_EX64(dte, DTE, VALID); 3748f809f69SPeter Maydell num_eventids = 1ULL << (FIELD_EX64(dte, DTE, SIZE) + 1); 375905720f1SPeter Maydell num_intids = 1ULL << (GICD_TYPER_IDBITS + 1); 376c694cb4cSShashi Mallela 3778b8bb014SPeter Maydell if ((icid >= s->ct.num_entries) 3788f809f69SPeter Maydell || !dte_valid || (eventid >= num_eventids) || 379905720f1SPeter Maydell (((pIntid < GICV3_LPI_INTID_START) || (pIntid >= num_intids)) && 380b87fab1cSPeter Maydell (pIntid != INTID_SPURIOUS))) { 381c694cb4cSShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 382c694cb4cSShashi Mallela "%s: invalid command attributes " 383b13148d9SPeter Maydell "icid %d or eventid %d or pIntid %d or" 384b13148d9SPeter Maydell "unmapped dte %d\n", __func__, icid, eventid, 385c694cb4cSShashi Mallela pIntid, dte_valid); 386c694cb4cSShashi Mallela /* 387c694cb4cSShashi Mallela * in this implementation, in case of error 388c694cb4cSShashi Mallela * we ignore this command and move onto the next 389c694cb4cSShashi Mallela * command in the queue 390c694cb4cSShashi Mallela */ 3910241f731SPeter Maydell return CMD_CONTINUE; 3920241f731SPeter Maydell } 3930241f731SPeter Maydell 394c694cb4cSShashi Mallela /* add ite entry to interrupt translation table */ 395764d6ba1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, VALID, dte_valid); 396764d6ba1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTTYPE, ITE_INTTYPE_PHYSICAL); 397764d6ba1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTID, pIntid); 398764d6ba1SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, DOORBELL, INTID_SPURIOUS); 399764d6ba1SPeter Maydell ite.iteh = FIELD_DP32(ite.iteh, ITE_H, ICID, icid); 400c694cb4cSShashi Mallela 4010241f731SPeter Maydell return update_ite(s, eventid, dte, ite) ? CMD_CONTINUE : CMD_STALL; 402c694cb4cSShashi Mallela } 403c694cb4cSShashi Mallela 4047eca39e0SShashi Mallela static bool update_cte(GICv3ITSState *s, uint16_t icid, bool valid, 4057eca39e0SShashi Mallela uint64_t rdbase) 4067eca39e0SShashi Mallela { 4077eca39e0SShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 408d050f80fSPeter Maydell uint64_t entry_addr; 4097eca39e0SShashi Mallela uint64_t cte = 0; 4107eca39e0SShashi Mallela MemTxResult res = MEMTX_OK; 4117eca39e0SShashi Mallela 4127eca39e0SShashi Mallela if (!s->ct.valid) { 4137eca39e0SShashi Mallela return true; 4147eca39e0SShashi Mallela } 4157eca39e0SShashi Mallela 4167eca39e0SShashi Mallela if (valid) { 4177eca39e0SShashi Mallela /* add mapping entry to collection table */ 418437dc0eaSPeter Maydell cte = FIELD_DP64(cte, CTE, VALID, 1); 419437dc0eaSPeter Maydell cte = FIELD_DP64(cte, CTE, RDBASE, rdbase); 4207eca39e0SShashi Mallela } 4217eca39e0SShashi Mallela 422d050f80fSPeter Maydell entry_addr = table_entry_addr(s, &s->ct, icid, &res); 4237eca39e0SShashi Mallela if (res != MEMTX_OK) { 424d050f80fSPeter Maydell /* memory access error: stall */ 4257eca39e0SShashi Mallela return false; 4267eca39e0SShashi Mallela } 427d050f80fSPeter Maydell if (entry_addr == -1) { 428d050f80fSPeter Maydell /* No L2 table for this index: discard write and continue */ 4297eca39e0SShashi Mallela return true; 4307eca39e0SShashi Mallela } 431d050f80fSPeter Maydell 432d050f80fSPeter Maydell address_space_stq_le(as, entry_addr, cte, MEMTXATTRS_UNSPECIFIED, &res); 433d050f80fSPeter Maydell return res == MEMTX_OK; 4347eca39e0SShashi Mallela } 4357eca39e0SShashi Mallela 436*b6f96009SPeter Maydell static ItsCmdResult process_mapc(GICv3ITSState *s, const uint64_t *cmdpkt) 4377eca39e0SShashi Mallela { 4387eca39e0SShashi Mallela uint16_t icid; 4397eca39e0SShashi Mallela uint64_t rdbase; 4407eca39e0SShashi Mallela bool valid; 4417eca39e0SShashi Mallela 442*b6f96009SPeter Maydell icid = cmdpkt[2] & ICID_MASK; 4437eca39e0SShashi Mallela 444*b6f96009SPeter Maydell rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT; 4457eca39e0SShashi Mallela rdbase &= RDBASE_PROCNUM_MASK; 4467eca39e0SShashi Mallela 447*b6f96009SPeter Maydell valid = cmdpkt[2] & CMD_FIELD_VALID_MASK; 4487eca39e0SShashi Mallela 4498b8bb014SPeter Maydell if ((icid >= s->ct.num_entries) || (rdbase >= s->gicv3->num_cpu)) { 4507eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 4517eca39e0SShashi Mallela "ITS MAPC: invalid collection table attributes " 4527eca39e0SShashi Mallela "icid %d rdbase %" PRIu64 "\n", icid, rdbase); 4537eca39e0SShashi Mallela /* 4547eca39e0SShashi Mallela * in this implementation, in case of error 4557eca39e0SShashi Mallela * we ignore this command and move onto the next 4567eca39e0SShashi Mallela * command in the queue 4577eca39e0SShashi Mallela */ 458f6675196SPeter Maydell return CMD_CONTINUE; 4597eca39e0SShashi Mallela } 4607eca39e0SShashi Mallela 461f6675196SPeter Maydell return update_cte(s, icid, valid, rdbase) ? CMD_CONTINUE : CMD_STALL; 4627eca39e0SShashi Mallela } 4637eca39e0SShashi Mallela 4647eca39e0SShashi Mallela static bool update_dte(GICv3ITSState *s, uint32_t devid, bool valid, 4657eca39e0SShashi Mallela uint8_t size, uint64_t itt_addr) 4667eca39e0SShashi Mallela { 4677eca39e0SShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 468d050f80fSPeter Maydell uint64_t entry_addr; 4697eca39e0SShashi Mallela uint64_t dte = 0; 4707eca39e0SShashi Mallela MemTxResult res = MEMTX_OK; 4717eca39e0SShashi Mallela 4727eca39e0SShashi Mallela if (s->dt.valid) { 4737eca39e0SShashi Mallela if (valid) { 4747eca39e0SShashi Mallela /* add mapping entry to device table */ 475e07f8445SPeter Maydell dte = FIELD_DP64(dte, DTE, VALID, 1); 476e07f8445SPeter Maydell dte = FIELD_DP64(dte, DTE, SIZE, size); 477e07f8445SPeter Maydell dte = FIELD_DP64(dte, DTE, ITTADDR, itt_addr); 4787eca39e0SShashi Mallela } 4797eca39e0SShashi Mallela } else { 4807eca39e0SShashi Mallela return true; 4817eca39e0SShashi Mallela } 4827eca39e0SShashi Mallela 483d050f80fSPeter Maydell entry_addr = table_entry_addr(s, &s->dt, devid, &res); 4847eca39e0SShashi Mallela if (res != MEMTX_OK) { 485d050f80fSPeter Maydell /* memory access error: stall */ 4867eca39e0SShashi Mallela return false; 4877eca39e0SShashi Mallela } 488d050f80fSPeter Maydell if (entry_addr == -1) { 489d050f80fSPeter Maydell /* No L2 table for this index: discard write and continue */ 4907eca39e0SShashi Mallela return true; 4917eca39e0SShashi Mallela } 492d050f80fSPeter Maydell address_space_stq_le(as, entry_addr, dte, MEMTXATTRS_UNSPECIFIED, &res); 493d050f80fSPeter Maydell return res == MEMTX_OK; 4947eca39e0SShashi Mallela } 4957eca39e0SShashi Mallela 496*b6f96009SPeter Maydell static ItsCmdResult process_mapd(GICv3ITSState *s, const uint64_t *cmdpkt) 4977eca39e0SShashi Mallela { 4987eca39e0SShashi Mallela uint32_t devid; 4997eca39e0SShashi Mallela uint8_t size; 5007eca39e0SShashi Mallela uint64_t itt_addr; 5017eca39e0SShashi Mallela bool valid; 5027eca39e0SShashi Mallela 503*b6f96009SPeter Maydell devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT; 504*b6f96009SPeter Maydell size = cmdpkt[1] & SIZE_MASK; 505*b6f96009SPeter Maydell itt_addr = (cmdpkt[2] & ITTADDR_MASK) >> ITTADDR_SHIFT; 506*b6f96009SPeter Maydell valid = cmdpkt[2] & CMD_FIELD_VALID_MASK; 5077eca39e0SShashi Mallela 5088b8bb014SPeter Maydell if ((devid >= s->dt.num_entries) || 5097eca39e0SShashi Mallela (size > FIELD_EX64(s->typer, GITS_TYPER, IDBITS))) { 5107eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 5117eca39e0SShashi Mallela "ITS MAPD: invalid device table attributes " 5127eca39e0SShashi Mallela "devid %d or size %d\n", devid, size); 5137eca39e0SShashi Mallela /* 5147eca39e0SShashi Mallela * in this implementation, in case of error 5157eca39e0SShashi Mallela * we ignore this command and move onto the next 5167eca39e0SShashi Mallela * command in the queue 5177eca39e0SShashi Mallela */ 51800d46e72SPeter Maydell return CMD_CONTINUE; 5197eca39e0SShashi Mallela } 5207eca39e0SShashi Mallela 52100d46e72SPeter Maydell return update_dte(s, devid, valid, size, itt_addr) ? CMD_CONTINUE : CMD_STALL; 5227eca39e0SShashi Mallela } 5237eca39e0SShashi Mallela 524*b6f96009SPeter Maydell static ItsCmdResult process_movall(GICv3ITSState *s, const uint64_t *cmdpkt) 525f6d1d9b4SPeter Maydell { 526f6d1d9b4SPeter Maydell uint64_t rd1, rd2; 527f6d1d9b4SPeter Maydell 528*b6f96009SPeter Maydell rd1 = FIELD_EX64(cmdpkt[2], MOVALL_2, RDBASE1); 529*b6f96009SPeter Maydell rd2 = FIELD_EX64(cmdpkt[3], MOVALL_3, RDBASE2); 530f6d1d9b4SPeter Maydell 531f6d1d9b4SPeter Maydell if (rd1 >= s->gicv3->num_cpu) { 532f6d1d9b4SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 533f6d1d9b4SPeter Maydell "%s: RDBASE1 %" PRId64 534f6d1d9b4SPeter Maydell " out of range (must be less than %d)\n", 535f6d1d9b4SPeter Maydell __func__, rd1, s->gicv3->num_cpu); 536f6d1d9b4SPeter Maydell return CMD_CONTINUE; 537f6d1d9b4SPeter Maydell } 538f6d1d9b4SPeter Maydell if (rd2 >= s->gicv3->num_cpu) { 539f6d1d9b4SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 540f6d1d9b4SPeter Maydell "%s: RDBASE2 %" PRId64 541f6d1d9b4SPeter Maydell " out of range (must be less than %d)\n", 542f6d1d9b4SPeter Maydell __func__, rd2, s->gicv3->num_cpu); 543f6d1d9b4SPeter Maydell return CMD_CONTINUE; 544f6d1d9b4SPeter Maydell } 545f6d1d9b4SPeter Maydell 546f6d1d9b4SPeter Maydell if (rd1 == rd2) { 547f6d1d9b4SPeter Maydell /* Move to same target must succeed as a no-op */ 548f6d1d9b4SPeter Maydell return CMD_CONTINUE; 549f6d1d9b4SPeter Maydell } 550f6d1d9b4SPeter Maydell 551f6d1d9b4SPeter Maydell /* Move all pending LPIs from redistributor 1 to redistributor 2 */ 552f6d1d9b4SPeter Maydell gicv3_redist_movall_lpis(&s->gicv3->cpu[rd1], &s->gicv3->cpu[rd2]); 553f6d1d9b4SPeter Maydell 554f6d1d9b4SPeter Maydell return CMD_CONTINUE; 555f6d1d9b4SPeter Maydell } 556f6d1d9b4SPeter Maydell 557*b6f96009SPeter Maydell static ItsCmdResult process_movi(GICv3ITSState *s, const uint64_t *cmdpkt) 558961b4912SPeter Maydell { 559961b4912SPeter Maydell MemTxResult res = MEMTX_OK; 560961b4912SPeter Maydell uint32_t devid, eventid, intid; 561961b4912SPeter Maydell uint16_t old_icid, new_icid; 562961b4912SPeter Maydell uint64_t old_cte, new_cte; 563961b4912SPeter Maydell uint64_t old_rdbase, new_rdbase; 564961b4912SPeter Maydell uint64_t dte; 565961b4912SPeter Maydell bool dte_valid, ite_valid, cte_valid; 566961b4912SPeter Maydell uint64_t num_eventids; 567961b4912SPeter Maydell IteEntry ite = {}; 568961b4912SPeter Maydell 569*b6f96009SPeter Maydell devid = FIELD_EX64(cmdpkt[0], MOVI_0, DEVICEID); 570*b6f96009SPeter Maydell eventid = FIELD_EX64(cmdpkt[1], MOVI_1, EVENTID); 571*b6f96009SPeter Maydell new_icid = FIELD_EX64(cmdpkt[2], MOVI_2, ICID); 572961b4912SPeter Maydell 573961b4912SPeter Maydell if (devid >= s->dt.num_entries) { 574961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 575961b4912SPeter Maydell "%s: invalid command attributes: devid %d>=%d", 576961b4912SPeter Maydell __func__, devid, s->dt.num_entries); 577961b4912SPeter Maydell return CMD_CONTINUE; 578961b4912SPeter Maydell } 579961b4912SPeter Maydell dte = get_dte(s, devid, &res); 580961b4912SPeter Maydell if (res != MEMTX_OK) { 581961b4912SPeter Maydell return CMD_STALL; 582961b4912SPeter Maydell } 583961b4912SPeter Maydell 584961b4912SPeter Maydell dte_valid = FIELD_EX64(dte, DTE, VALID); 585961b4912SPeter Maydell if (!dte_valid) { 586961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 587961b4912SPeter Maydell "%s: invalid command attributes: " 588961b4912SPeter Maydell "invalid dte: %"PRIx64" for %d\n", 589961b4912SPeter Maydell __func__, dte, devid); 590961b4912SPeter Maydell return CMD_CONTINUE; 591961b4912SPeter Maydell } 592961b4912SPeter Maydell 593961b4912SPeter Maydell num_eventids = 1ULL << (FIELD_EX64(dte, DTE, SIZE) + 1); 594961b4912SPeter Maydell if (eventid >= num_eventids) { 595961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 596961b4912SPeter Maydell "%s: invalid command attributes: eventid %d >= %" 597961b4912SPeter Maydell PRId64 "\n", 598961b4912SPeter Maydell __func__, eventid, num_eventids); 599961b4912SPeter Maydell return CMD_CONTINUE; 600961b4912SPeter Maydell } 601961b4912SPeter Maydell 602961b4912SPeter Maydell ite_valid = get_ite(s, eventid, dte, &old_icid, &intid, &res); 603961b4912SPeter Maydell if (res != MEMTX_OK) { 604961b4912SPeter Maydell return CMD_STALL; 605961b4912SPeter Maydell } 606961b4912SPeter Maydell 607961b4912SPeter Maydell if (!ite_valid) { 608961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 609961b4912SPeter Maydell "%s: invalid command attributes: invalid ITE\n", 610961b4912SPeter Maydell __func__); 611961b4912SPeter Maydell return CMD_CONTINUE; 612961b4912SPeter Maydell } 613961b4912SPeter Maydell 614961b4912SPeter Maydell if (old_icid >= s->ct.num_entries) { 615961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 616961b4912SPeter Maydell "%s: invalid ICID 0x%x in ITE (table corrupted?)\n", 617961b4912SPeter Maydell __func__, old_icid); 618961b4912SPeter Maydell return CMD_CONTINUE; 619961b4912SPeter Maydell } 620961b4912SPeter Maydell 621961b4912SPeter Maydell if (new_icid >= s->ct.num_entries) { 622961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 623961b4912SPeter Maydell "%s: invalid command attributes: ICID 0x%x\n", 624961b4912SPeter Maydell __func__, new_icid); 625961b4912SPeter Maydell return CMD_CONTINUE; 626961b4912SPeter Maydell } 627961b4912SPeter Maydell 628961b4912SPeter Maydell cte_valid = get_cte(s, old_icid, &old_cte, &res); 629961b4912SPeter Maydell if (res != MEMTX_OK) { 630961b4912SPeter Maydell return CMD_STALL; 631961b4912SPeter Maydell } 632961b4912SPeter Maydell if (!cte_valid) { 633961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 634961b4912SPeter Maydell "%s: invalid command attributes: " 635961b4912SPeter Maydell "invalid cte: %"PRIx64"\n", 636961b4912SPeter Maydell __func__, old_cte); 637961b4912SPeter Maydell return CMD_CONTINUE; 638961b4912SPeter Maydell } 639961b4912SPeter Maydell 640961b4912SPeter Maydell cte_valid = get_cte(s, new_icid, &new_cte, &res); 641961b4912SPeter Maydell if (res != MEMTX_OK) { 642961b4912SPeter Maydell return CMD_STALL; 643961b4912SPeter Maydell } 644961b4912SPeter Maydell if (!cte_valid) { 645961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 646961b4912SPeter Maydell "%s: invalid command attributes: " 647961b4912SPeter Maydell "invalid cte: %"PRIx64"\n", 648961b4912SPeter Maydell __func__, new_cte); 649961b4912SPeter Maydell return CMD_CONTINUE; 650961b4912SPeter Maydell } 651961b4912SPeter Maydell 652961b4912SPeter Maydell old_rdbase = FIELD_EX64(old_cte, CTE, RDBASE); 653961b4912SPeter Maydell if (old_rdbase >= s->gicv3->num_cpu) { 654961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 655961b4912SPeter Maydell "%s: CTE has invalid rdbase 0x%"PRIx64"\n", 656961b4912SPeter Maydell __func__, old_rdbase); 657961b4912SPeter Maydell return CMD_CONTINUE; 658961b4912SPeter Maydell } 659961b4912SPeter Maydell 660961b4912SPeter Maydell new_rdbase = FIELD_EX64(new_cte, CTE, RDBASE); 661961b4912SPeter Maydell if (new_rdbase >= s->gicv3->num_cpu) { 662961b4912SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 663961b4912SPeter Maydell "%s: CTE has invalid rdbase 0x%"PRIx64"\n", 664961b4912SPeter Maydell __func__, new_rdbase); 665961b4912SPeter Maydell return CMD_CONTINUE; 666961b4912SPeter Maydell } 667961b4912SPeter Maydell 668961b4912SPeter Maydell if (old_rdbase != new_rdbase) { 669961b4912SPeter Maydell /* Move the LPI from the old redistributor to the new one */ 670961b4912SPeter Maydell gicv3_redist_mov_lpi(&s->gicv3->cpu[old_rdbase], 671961b4912SPeter Maydell &s->gicv3->cpu[new_rdbase], 672961b4912SPeter Maydell intid); 673961b4912SPeter Maydell } 674961b4912SPeter Maydell 675961b4912SPeter Maydell /* Update the ICID field in the interrupt translation table entry */ 676961b4912SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, VALID, 1); 677961b4912SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTTYPE, ITE_INTTYPE_PHYSICAL); 678961b4912SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, INTID, intid); 679961b4912SPeter Maydell ite.itel = FIELD_DP64(ite.itel, ITE_L, DOORBELL, INTID_SPURIOUS); 680961b4912SPeter Maydell ite.iteh = FIELD_DP32(ite.iteh, ITE_H, ICID, new_icid); 681961b4912SPeter Maydell return update_ite(s, eventid, dte, ite) ? CMD_CONTINUE : CMD_STALL; 682961b4912SPeter Maydell } 683961b4912SPeter Maydell 6847eca39e0SShashi Mallela /* 6857eca39e0SShashi Mallela * Current implementation blocks until all 6867eca39e0SShashi Mallela * commands are processed 6877eca39e0SShashi Mallela */ 6887eca39e0SShashi Mallela static void process_cmdq(GICv3ITSState *s) 6897eca39e0SShashi Mallela { 6907eca39e0SShashi Mallela uint32_t wr_offset = 0; 6917eca39e0SShashi Mallela uint32_t rd_offset = 0; 6927eca39e0SShashi Mallela uint32_t cq_offset = 0; 6937eca39e0SShashi Mallela AddressSpace *as = &s->gicv3->dma_as; 6947eca39e0SShashi Mallela uint8_t cmd; 69517fb5e36SShashi Mallela int i; 6967eca39e0SShashi Mallela 6978d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 6987eca39e0SShashi Mallela return; 6997eca39e0SShashi Mallela } 7007eca39e0SShashi Mallela 7017eca39e0SShashi Mallela wr_offset = FIELD_EX64(s->cwriter, GITS_CWRITER, OFFSET); 7027eca39e0SShashi Mallela 70380dcd37fSPeter Maydell if (wr_offset >= s->cq.num_entries) { 7047eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 7057eca39e0SShashi Mallela "%s: invalid write offset " 7067eca39e0SShashi Mallela "%d\n", __func__, wr_offset); 7077eca39e0SShashi Mallela return; 7087eca39e0SShashi Mallela } 7097eca39e0SShashi Mallela 7107eca39e0SShashi Mallela rd_offset = FIELD_EX64(s->creadr, GITS_CREADR, OFFSET); 7117eca39e0SShashi Mallela 71280dcd37fSPeter Maydell if (rd_offset >= s->cq.num_entries) { 7137eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 7147eca39e0SShashi Mallela "%s: invalid read offset " 7157eca39e0SShashi Mallela "%d\n", __func__, rd_offset); 7167eca39e0SShashi Mallela return; 7177eca39e0SShashi Mallela } 7187eca39e0SShashi Mallela 7197eca39e0SShashi Mallela while (wr_offset != rd_offset) { 720ef011555SPeter Maydell ItsCmdResult result = CMD_CONTINUE; 721*b6f96009SPeter Maydell void *hostmem; 722*b6f96009SPeter Maydell hwaddr buflen; 723*b6f96009SPeter Maydell uint64_t cmdpkt[GITS_CMDQ_ENTRY_WORDS]; 724ef011555SPeter Maydell 7257eca39e0SShashi Mallela cq_offset = (rd_offset * GITS_CMDQ_ENTRY_SIZE); 726*b6f96009SPeter Maydell 727*b6f96009SPeter Maydell buflen = GITS_CMDQ_ENTRY_SIZE; 728*b6f96009SPeter Maydell hostmem = address_space_map(as, s->cq.base_addr + cq_offset, 729*b6f96009SPeter Maydell &buflen, false, MEMTXATTRS_UNSPECIFIED); 730*b6f96009SPeter Maydell if (!hostmem || buflen != GITS_CMDQ_ENTRY_SIZE) { 731*b6f96009SPeter Maydell if (hostmem) { 732*b6f96009SPeter Maydell address_space_unmap(as, hostmem, buflen, false, 0); 733*b6f96009SPeter Maydell } 734f0b4b2a2SPeter Maydell s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, STALLED, 1); 735f0b4b2a2SPeter Maydell qemu_log_mask(LOG_GUEST_ERROR, 736f0b4b2a2SPeter Maydell "%s: could not read command at 0x%" PRIx64 "\n", 737f0b4b2a2SPeter Maydell __func__, s->cq.base_addr + cq_offset); 738f0b4b2a2SPeter Maydell break; 7397eca39e0SShashi Mallela } 740*b6f96009SPeter Maydell for (i = 0; i < ARRAY_SIZE(cmdpkt); i++) { 741*b6f96009SPeter Maydell cmdpkt[i] = ldq_le_p(hostmem + i * sizeof(uint64_t)); 742*b6f96009SPeter Maydell } 743*b6f96009SPeter Maydell address_space_unmap(as, hostmem, buflen, false, 0); 744f0b4b2a2SPeter Maydell 745*b6f96009SPeter Maydell cmd = cmdpkt[0] & CMD_MASK; 7467eca39e0SShashi Mallela 747195209d3SPeter Maydell trace_gicv3_its_process_command(rd_offset, cmd); 748195209d3SPeter Maydell 7497eca39e0SShashi Mallela switch (cmd) { 7507eca39e0SShashi Mallela case GITS_CMD_INT: 751*b6f96009SPeter Maydell result = process_its_cmd(s, cmdpkt, INTERRUPT); 7527eca39e0SShashi Mallela break; 7537eca39e0SShashi Mallela case GITS_CMD_CLEAR: 754*b6f96009SPeter Maydell result = process_its_cmd(s, cmdpkt, CLEAR); 7557eca39e0SShashi Mallela break; 7567eca39e0SShashi Mallela case GITS_CMD_SYNC: 7577eca39e0SShashi Mallela /* 7587eca39e0SShashi Mallela * Current implementation makes a blocking synchronous call 7597eca39e0SShashi Mallela * for every command issued earlier, hence the internal state 7607eca39e0SShashi Mallela * is already consistent by the time SYNC command is executed. 7617eca39e0SShashi Mallela * Hence no further processing is required for SYNC command. 7627eca39e0SShashi Mallela */ 7637eca39e0SShashi Mallela break; 7647eca39e0SShashi Mallela case GITS_CMD_MAPD: 765*b6f96009SPeter Maydell result = process_mapd(s, cmdpkt); 7667eca39e0SShashi Mallela break; 7677eca39e0SShashi Mallela case GITS_CMD_MAPC: 768*b6f96009SPeter Maydell result = process_mapc(s, cmdpkt); 7697eca39e0SShashi Mallela break; 7707eca39e0SShashi Mallela case GITS_CMD_MAPTI: 771*b6f96009SPeter Maydell result = process_mapti(s, cmdpkt, false); 7727eca39e0SShashi Mallela break; 7737eca39e0SShashi Mallela case GITS_CMD_MAPI: 774*b6f96009SPeter Maydell result = process_mapti(s, cmdpkt, true); 7757eca39e0SShashi Mallela break; 7767eca39e0SShashi Mallela case GITS_CMD_DISCARD: 777*b6f96009SPeter Maydell result = process_its_cmd(s, cmdpkt, DISCARD); 7787eca39e0SShashi Mallela break; 7797eca39e0SShashi Mallela case GITS_CMD_INV: 7807eca39e0SShashi Mallela case GITS_CMD_INVALL: 78117fb5e36SShashi Mallela /* 78217fb5e36SShashi Mallela * Current implementation doesn't cache any ITS tables, 78317fb5e36SShashi Mallela * but the calculated lpi priority information. We only 78417fb5e36SShashi Mallela * need to trigger lpi priority re-calculation to be in 78517fb5e36SShashi Mallela * sync with LPI config table or pending table changes. 78617fb5e36SShashi Mallela */ 78717fb5e36SShashi Mallela for (i = 0; i < s->gicv3->num_cpu; i++) { 78817fb5e36SShashi Mallela gicv3_redist_update_lpi(&s->gicv3->cpu[i]); 78917fb5e36SShashi Mallela } 7907eca39e0SShashi Mallela break; 791961b4912SPeter Maydell case GITS_CMD_MOVI: 792*b6f96009SPeter Maydell result = process_movi(s, cmdpkt); 793961b4912SPeter Maydell break; 794f6d1d9b4SPeter Maydell case GITS_CMD_MOVALL: 795*b6f96009SPeter Maydell result = process_movall(s, cmdpkt); 796f6d1d9b4SPeter Maydell break; 7977eca39e0SShashi Mallela default: 7987eca39e0SShashi Mallela break; 7997eca39e0SShashi Mallela } 800ef011555SPeter Maydell if (result == CMD_CONTINUE) { 8017eca39e0SShashi Mallela rd_offset++; 80280dcd37fSPeter Maydell rd_offset %= s->cq.num_entries; 8037eca39e0SShashi Mallela s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, OFFSET, rd_offset); 8047eca39e0SShashi Mallela } else { 805ef011555SPeter Maydell /* CMD_STALL */ 8067eca39e0SShashi Mallela s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, STALLED, 1); 8077eca39e0SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 808ef011555SPeter Maydell "%s: 0x%x cmd processing failed, stalling\n", 809ef011555SPeter Maydell __func__, cmd); 8107eca39e0SShashi Mallela break; 8117eca39e0SShashi Mallela } 8127eca39e0SShashi Mallela } 8137eca39e0SShashi Mallela } 8147eca39e0SShashi Mallela 8151b08e436SShashi Mallela /* 8161b08e436SShashi Mallela * This function extracts the ITS Device and Collection table specific 8171b08e436SShashi Mallela * parameters (like base_addr, size etc) from GITS_BASER register. 8181b08e436SShashi Mallela * It is called during ITS enable and also during post_load migration 8191b08e436SShashi Mallela */ 8201b08e436SShashi Mallela static void extract_table_params(GICv3ITSState *s) 8211b08e436SShashi Mallela { 8221b08e436SShashi Mallela uint16_t num_pages = 0; 8231b08e436SShashi Mallela uint8_t page_sz_type; 8241b08e436SShashi Mallela uint8_t type; 8251b08e436SShashi Mallela uint32_t page_sz = 0; 8261b08e436SShashi Mallela uint64_t value; 8271b08e436SShashi Mallela 8281b08e436SShashi Mallela for (int i = 0; i < 8; i++) { 829e5487a41SPeter Maydell TableDesc *td; 830e5487a41SPeter Maydell int idbits; 831e5487a41SPeter Maydell 8321b08e436SShashi Mallela value = s->baser[i]; 8331b08e436SShashi Mallela 8341b08e436SShashi Mallela if (!value) { 8351b08e436SShashi Mallela continue; 8361b08e436SShashi Mallela } 8371b08e436SShashi Mallela 8381b08e436SShashi Mallela page_sz_type = FIELD_EX64(value, GITS_BASER, PAGESIZE); 8391b08e436SShashi Mallela 8401b08e436SShashi Mallela switch (page_sz_type) { 8411b08e436SShashi Mallela case 0: 8421b08e436SShashi Mallela page_sz = GITS_PAGE_SIZE_4K; 8431b08e436SShashi Mallela break; 8441b08e436SShashi Mallela 8451b08e436SShashi Mallela case 1: 8461b08e436SShashi Mallela page_sz = GITS_PAGE_SIZE_16K; 8471b08e436SShashi Mallela break; 8481b08e436SShashi Mallela 8491b08e436SShashi Mallela case 2: 8501b08e436SShashi Mallela case 3: 8511b08e436SShashi Mallela page_sz = GITS_PAGE_SIZE_64K; 8521b08e436SShashi Mallela break; 8531b08e436SShashi Mallela 8541b08e436SShashi Mallela default: 8551b08e436SShashi Mallela g_assert_not_reached(); 8561b08e436SShashi Mallela } 8571b08e436SShashi Mallela 8581b08e436SShashi Mallela num_pages = FIELD_EX64(value, GITS_BASER, SIZE) + 1; 8591b08e436SShashi Mallela 8601b08e436SShashi Mallela type = FIELD_EX64(value, GITS_BASER, TYPE); 8611b08e436SShashi Mallela 8621b08e436SShashi Mallela switch (type) { 8631b08e436SShashi Mallela case GITS_BASER_TYPE_DEVICE: 864e5487a41SPeter Maydell td = &s->dt; 865e5487a41SPeter Maydell idbits = FIELD_EX64(s->typer, GITS_TYPER, DEVBITS) + 1; 86662df780eSPeter Maydell break; 8671b08e436SShashi Mallela case GITS_BASER_TYPE_COLLECTION: 868e5487a41SPeter Maydell td = &s->ct; 8691b08e436SShashi Mallela if (FIELD_EX64(s->typer, GITS_TYPER, CIL)) { 870e5487a41SPeter Maydell idbits = FIELD_EX64(s->typer, GITS_TYPER, CIDBITS) + 1; 8711b08e436SShashi Mallela } else { 8721b08e436SShashi Mallela /* 16-bit CollectionId supported when CIL == 0 */ 873e5487a41SPeter Maydell idbits = 16; 8741b08e436SShashi Mallela } 8751b08e436SShashi Mallela break; 8761b08e436SShashi Mallela default: 877e5487a41SPeter Maydell /* 878e5487a41SPeter Maydell * GITS_BASER<n>.TYPE is read-only, so GITS_BASER_RO_MASK 879e5487a41SPeter Maydell * ensures we will only see type values corresponding to 880e5487a41SPeter Maydell * the values set up in gicv3_its_reset(). 881e5487a41SPeter Maydell */ 882e5487a41SPeter Maydell g_assert_not_reached(); 8831b08e436SShashi Mallela } 884e5487a41SPeter Maydell 885e5487a41SPeter Maydell memset(td, 0, sizeof(*td)); 886e5487a41SPeter Maydell td->valid = FIELD_EX64(value, GITS_BASER, VALID); 887e5487a41SPeter Maydell /* 888e5487a41SPeter Maydell * If GITS_BASER<n>.Valid is 0 for any <n> then we will not process 889e5487a41SPeter Maydell * interrupts. (GITS_TYPER.HCC is 0 for this implementation, so we 890e5487a41SPeter Maydell * do not have a special case where the GITS_BASER<n>.Valid bit is 0 891e5487a41SPeter Maydell * for the register corresponding to the Collection table but we 892e5487a41SPeter Maydell * still have to process interrupts using non-memory-backed 893e5487a41SPeter Maydell * Collection table entries.) 894e5487a41SPeter Maydell */ 895e5487a41SPeter Maydell if (!td->valid) { 896e5487a41SPeter Maydell continue; 897e5487a41SPeter Maydell } 898e5487a41SPeter Maydell td->page_sz = page_sz; 899e5487a41SPeter Maydell td->indirect = FIELD_EX64(value, GITS_BASER, INDIRECT); 9009ae85431SPeter Maydell td->entry_sz = FIELD_EX64(value, GITS_BASER, ENTRYSIZE) + 1; 901e5487a41SPeter Maydell td->base_addr = baser_base_addr(value, page_sz); 902e5487a41SPeter Maydell if (!td->indirect) { 90380dcd37fSPeter Maydell td->num_entries = (num_pages * page_sz) / td->entry_sz; 904e5487a41SPeter Maydell } else { 90580dcd37fSPeter Maydell td->num_entries = (((num_pages * page_sz) / 906e5487a41SPeter Maydell L1TABLE_ENTRY_SIZE) * 907e5487a41SPeter Maydell (page_sz / td->entry_sz)); 908e5487a41SPeter Maydell } 9098b8bb014SPeter Maydell td->num_entries = MIN(td->num_entries, 1ULL << idbits); 9101b08e436SShashi Mallela } 9111b08e436SShashi Mallela } 9121b08e436SShashi Mallela 9131b08e436SShashi Mallela static void extract_cmdq_params(GICv3ITSState *s) 9141b08e436SShashi Mallela { 9151b08e436SShashi Mallela uint16_t num_pages = 0; 9161b08e436SShashi Mallela uint64_t value = s->cbaser; 9171b08e436SShashi Mallela 9181b08e436SShashi Mallela num_pages = FIELD_EX64(value, GITS_CBASER, SIZE) + 1; 9191b08e436SShashi Mallela 9201b08e436SShashi Mallela memset(&s->cq, 0 , sizeof(s->cq)); 9211b08e436SShashi Mallela s->cq.valid = FIELD_EX64(value, GITS_CBASER, VALID); 9221b08e436SShashi Mallela 9231b08e436SShashi Mallela if (s->cq.valid) { 92480dcd37fSPeter Maydell s->cq.num_entries = (num_pages * GITS_PAGE_SIZE_4K) / 9251b08e436SShashi Mallela GITS_CMDQ_ENTRY_SIZE; 9261b08e436SShashi Mallela s->cq.base_addr = FIELD_EX64(value, GITS_CBASER, PHYADDR); 9271b08e436SShashi Mallela s->cq.base_addr <<= R_GITS_CBASER_PHYADDR_SHIFT; 9281b08e436SShashi Mallela } 9291b08e436SShashi Mallela } 9301b08e436SShashi Mallela 9317e062b98SPeter Maydell static MemTxResult gicv3_its_translation_read(void *opaque, hwaddr offset, 9327e062b98SPeter Maydell uint64_t *data, unsigned size, 9337e062b98SPeter Maydell MemTxAttrs attrs) 9347e062b98SPeter Maydell { 9357e062b98SPeter Maydell /* 9367e062b98SPeter Maydell * GITS_TRANSLATER is write-only, and all other addresses 9377e062b98SPeter Maydell * in the interrupt translation space frame are RES0. 9387e062b98SPeter Maydell */ 9397e062b98SPeter Maydell *data = 0; 9407e062b98SPeter Maydell return MEMTX_OK; 9417e062b98SPeter Maydell } 9427e062b98SPeter Maydell 94318f6290aSShashi Mallela static MemTxResult gicv3_its_translation_write(void *opaque, hwaddr offset, 94418f6290aSShashi Mallela uint64_t data, unsigned size, 94518f6290aSShashi Mallela MemTxAttrs attrs) 94618f6290aSShashi Mallela { 947c694cb4cSShashi Mallela GICv3ITSState *s = (GICv3ITSState *)opaque; 948c694cb4cSShashi Mallela bool result = true; 949c694cb4cSShashi Mallela 950195209d3SPeter Maydell trace_gicv3_its_translation_write(offset, data, size, attrs.requester_id); 951195209d3SPeter Maydell 952c694cb4cSShashi Mallela switch (offset) { 953c694cb4cSShashi Mallela case GITS_TRANSLATER: 9548d2d6dd9SPeter Maydell if (s->ctlr & R_GITS_CTLR_ENABLED_MASK) { 955*b6f96009SPeter Maydell result = do_process_its_cmd(s, attrs.requester_id, data, NONE); 956c694cb4cSShashi Mallela } 957c694cb4cSShashi Mallela break; 958c694cb4cSShashi Mallela default: 959c694cb4cSShashi Mallela break; 960c694cb4cSShashi Mallela } 961c694cb4cSShashi Mallela 962c694cb4cSShashi Mallela if (result) { 96318f6290aSShashi Mallela return MEMTX_OK; 964c694cb4cSShashi Mallela } else { 965c694cb4cSShashi Mallela return MEMTX_ERROR; 966c694cb4cSShashi Mallela } 96718f6290aSShashi Mallela } 96818f6290aSShashi Mallela 96918f6290aSShashi Mallela static bool its_writel(GICv3ITSState *s, hwaddr offset, 97018f6290aSShashi Mallela uint64_t value, MemTxAttrs attrs) 97118f6290aSShashi Mallela { 97218f6290aSShashi Mallela bool result = true; 9731b08e436SShashi Mallela int index; 97418f6290aSShashi Mallela 9751b08e436SShashi Mallela switch (offset) { 9761b08e436SShashi Mallela case GITS_CTLR: 9772f459cd1SShashi Mallela if (value & R_GITS_CTLR_ENABLED_MASK) { 9788d2d6dd9SPeter Maydell s->ctlr |= R_GITS_CTLR_ENABLED_MASK; 9791b08e436SShashi Mallela extract_table_params(s); 9801b08e436SShashi Mallela extract_cmdq_params(s); 9817eca39e0SShashi Mallela process_cmdq(s); 9822f459cd1SShashi Mallela } else { 9838d2d6dd9SPeter Maydell s->ctlr &= ~R_GITS_CTLR_ENABLED_MASK; 9841b08e436SShashi Mallela } 9851b08e436SShashi Mallela break; 9861b08e436SShashi Mallela case GITS_CBASER: 9871b08e436SShashi Mallela /* 9881b08e436SShashi Mallela * IMPDEF choice:- GITS_CBASER register becomes RO if ITS is 9891b08e436SShashi Mallela * already enabled 9901b08e436SShashi Mallela */ 9918d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 9921b08e436SShashi Mallela s->cbaser = deposit64(s->cbaser, 0, 32, value); 9931b08e436SShashi Mallela s->creadr = 0; 9941b08e436SShashi Mallela } 9951b08e436SShashi Mallela break; 9961b08e436SShashi Mallela case GITS_CBASER + 4: 9971b08e436SShashi Mallela /* 9981b08e436SShashi Mallela * IMPDEF choice:- GITS_CBASER register becomes RO if ITS is 9991b08e436SShashi Mallela * already enabled 10001b08e436SShashi Mallela */ 10018d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 10021b08e436SShashi Mallela s->cbaser = deposit64(s->cbaser, 32, 32, value); 10031b08e436SShashi Mallela s->creadr = 0; 10041b08e436SShashi Mallela } 10051b08e436SShashi Mallela break; 10061b08e436SShashi Mallela case GITS_CWRITER: 10071b08e436SShashi Mallela s->cwriter = deposit64(s->cwriter, 0, 32, 10081b08e436SShashi Mallela (value & ~R_GITS_CWRITER_RETRY_MASK)); 10097eca39e0SShashi Mallela if (s->cwriter != s->creadr) { 10107eca39e0SShashi Mallela process_cmdq(s); 10117eca39e0SShashi Mallela } 10121b08e436SShashi Mallela break; 10131b08e436SShashi Mallela case GITS_CWRITER + 4: 10141b08e436SShashi Mallela s->cwriter = deposit64(s->cwriter, 32, 32, value); 10151b08e436SShashi Mallela break; 10161b08e436SShashi Mallela case GITS_CREADR: 10171b08e436SShashi Mallela if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) { 10181b08e436SShashi Mallela s->creadr = deposit64(s->creadr, 0, 32, 10191b08e436SShashi Mallela (value & ~R_GITS_CREADR_STALLED_MASK)); 10201b08e436SShashi Mallela } else { 10211b08e436SShashi Mallela /* RO register, ignore the write */ 10221b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 10231b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 10241b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 10251b08e436SShashi Mallela } 10261b08e436SShashi Mallela break; 10271b08e436SShashi Mallela case GITS_CREADR + 4: 10281b08e436SShashi Mallela if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) { 10291b08e436SShashi Mallela s->creadr = deposit64(s->creadr, 32, 32, value); 10301b08e436SShashi Mallela } else { 10311b08e436SShashi Mallela /* RO register, ignore the write */ 10321b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 10331b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 10341b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 10351b08e436SShashi Mallela } 10361b08e436SShashi Mallela break; 10371b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 10381b08e436SShashi Mallela /* 10391b08e436SShashi Mallela * IMPDEF choice:- GITS_BASERn register becomes RO if ITS is 10401b08e436SShashi Mallela * already enabled 10411b08e436SShashi Mallela */ 10428d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 10431b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 10441b08e436SShashi Mallela 10450ffe88e6SPeter Maydell if (s->baser[index] == 0) { 10460ffe88e6SPeter Maydell /* Unimplemented GITS_BASERn: RAZ/WI */ 10470ffe88e6SPeter Maydell break; 10480ffe88e6SPeter Maydell } 10491b08e436SShashi Mallela if (offset & 7) { 10501b08e436SShashi Mallela value <<= 32; 10511b08e436SShashi Mallela value &= ~GITS_BASER_RO_MASK; 10521b08e436SShashi Mallela s->baser[index] &= GITS_BASER_RO_MASK | MAKE_64BIT_MASK(0, 32); 10531b08e436SShashi Mallela s->baser[index] |= value; 10541b08e436SShashi Mallela } else { 10551b08e436SShashi Mallela value &= ~GITS_BASER_RO_MASK; 10561b08e436SShashi Mallela s->baser[index] &= GITS_BASER_RO_MASK | MAKE_64BIT_MASK(32, 32); 10571b08e436SShashi Mallela s->baser[index] |= value; 10581b08e436SShashi Mallela } 10591b08e436SShashi Mallela } 10601b08e436SShashi Mallela break; 10611b08e436SShashi Mallela case GITS_IIDR: 10621b08e436SShashi Mallela case GITS_IDREGS ... GITS_IDREGS + 0x2f: 10631b08e436SShashi Mallela /* RO registers, ignore the write */ 10641b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 10651b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 10661b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 10671b08e436SShashi Mallela break; 10681b08e436SShashi Mallela default: 10691b08e436SShashi Mallela result = false; 10701b08e436SShashi Mallela break; 10711b08e436SShashi Mallela } 107218f6290aSShashi Mallela return result; 107318f6290aSShashi Mallela } 107418f6290aSShashi Mallela 107518f6290aSShashi Mallela static bool its_readl(GICv3ITSState *s, hwaddr offset, 107618f6290aSShashi Mallela uint64_t *data, MemTxAttrs attrs) 107718f6290aSShashi Mallela { 107818f6290aSShashi Mallela bool result = true; 10791b08e436SShashi Mallela int index; 108018f6290aSShashi Mallela 10811b08e436SShashi Mallela switch (offset) { 10821b08e436SShashi Mallela case GITS_CTLR: 10831b08e436SShashi Mallela *data = s->ctlr; 10841b08e436SShashi Mallela break; 10851b08e436SShashi Mallela case GITS_IIDR: 10861b08e436SShashi Mallela *data = gicv3_iidr(); 10871b08e436SShashi Mallela break; 10881b08e436SShashi Mallela case GITS_IDREGS ... GITS_IDREGS + 0x2f: 10891b08e436SShashi Mallela /* ID registers */ 10901b08e436SShashi Mallela *data = gicv3_idreg(offset - GITS_IDREGS); 10911b08e436SShashi Mallela break; 10921b08e436SShashi Mallela case GITS_TYPER: 10931b08e436SShashi Mallela *data = extract64(s->typer, 0, 32); 10941b08e436SShashi Mallela break; 10951b08e436SShashi Mallela case GITS_TYPER + 4: 10961b08e436SShashi Mallela *data = extract64(s->typer, 32, 32); 10971b08e436SShashi Mallela break; 10981b08e436SShashi Mallela case GITS_CBASER: 10991b08e436SShashi Mallela *data = extract64(s->cbaser, 0, 32); 11001b08e436SShashi Mallela break; 11011b08e436SShashi Mallela case GITS_CBASER + 4: 11021b08e436SShashi Mallela *data = extract64(s->cbaser, 32, 32); 11031b08e436SShashi Mallela break; 11041b08e436SShashi Mallela case GITS_CREADR: 11051b08e436SShashi Mallela *data = extract64(s->creadr, 0, 32); 11061b08e436SShashi Mallela break; 11071b08e436SShashi Mallela case GITS_CREADR + 4: 11081b08e436SShashi Mallela *data = extract64(s->creadr, 32, 32); 11091b08e436SShashi Mallela break; 11101b08e436SShashi Mallela case GITS_CWRITER: 11111b08e436SShashi Mallela *data = extract64(s->cwriter, 0, 32); 11121b08e436SShashi Mallela break; 11131b08e436SShashi Mallela case GITS_CWRITER + 4: 11141b08e436SShashi Mallela *data = extract64(s->cwriter, 32, 32); 11151b08e436SShashi Mallela break; 11161b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 11171b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 11181b08e436SShashi Mallela if (offset & 7) { 11191b08e436SShashi Mallela *data = extract64(s->baser[index], 32, 32); 11201b08e436SShashi Mallela } else { 11211b08e436SShashi Mallela *data = extract64(s->baser[index], 0, 32); 11221b08e436SShashi Mallela } 11231b08e436SShashi Mallela break; 11241b08e436SShashi Mallela default: 11251b08e436SShashi Mallela result = false; 11261b08e436SShashi Mallela break; 11271b08e436SShashi Mallela } 112818f6290aSShashi Mallela return result; 112918f6290aSShashi Mallela } 113018f6290aSShashi Mallela 113118f6290aSShashi Mallela static bool its_writell(GICv3ITSState *s, hwaddr offset, 113218f6290aSShashi Mallela uint64_t value, MemTxAttrs attrs) 113318f6290aSShashi Mallela { 113418f6290aSShashi Mallela bool result = true; 11351b08e436SShashi Mallela int index; 113618f6290aSShashi Mallela 11371b08e436SShashi Mallela switch (offset) { 11381b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 11391b08e436SShashi Mallela /* 11401b08e436SShashi Mallela * IMPDEF choice:- GITS_BASERn register becomes RO if ITS is 11411b08e436SShashi Mallela * already enabled 11421b08e436SShashi Mallela */ 11438d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 11441b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 11450ffe88e6SPeter Maydell if (s->baser[index] == 0) { 11460ffe88e6SPeter Maydell /* Unimplemented GITS_BASERn: RAZ/WI */ 11470ffe88e6SPeter Maydell break; 11480ffe88e6SPeter Maydell } 11491b08e436SShashi Mallela s->baser[index] &= GITS_BASER_RO_MASK; 11501b08e436SShashi Mallela s->baser[index] |= (value & ~GITS_BASER_RO_MASK); 11511b08e436SShashi Mallela } 11521b08e436SShashi Mallela break; 11531b08e436SShashi Mallela case GITS_CBASER: 11541b08e436SShashi Mallela /* 11551b08e436SShashi Mallela * IMPDEF choice:- GITS_CBASER register becomes RO if ITS is 11561b08e436SShashi Mallela * already enabled 11571b08e436SShashi Mallela */ 11588d2d6dd9SPeter Maydell if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) { 11591b08e436SShashi Mallela s->cbaser = value; 11601b08e436SShashi Mallela s->creadr = 0; 11611b08e436SShashi Mallela } 11621b08e436SShashi Mallela break; 11631b08e436SShashi Mallela case GITS_CWRITER: 11641b08e436SShashi Mallela s->cwriter = value & ~R_GITS_CWRITER_RETRY_MASK; 11657eca39e0SShashi Mallela if (s->cwriter != s->creadr) { 11667eca39e0SShashi Mallela process_cmdq(s); 11677eca39e0SShashi Mallela } 11681b08e436SShashi Mallela break; 11691b08e436SShashi Mallela case GITS_CREADR: 11701b08e436SShashi Mallela if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) { 11711b08e436SShashi Mallela s->creadr = value & ~R_GITS_CREADR_STALLED_MASK; 11721b08e436SShashi Mallela } else { 11731b08e436SShashi Mallela /* RO register, ignore the write */ 11741b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 11751b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 11761b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 11771b08e436SShashi Mallela } 11781b08e436SShashi Mallela break; 11791b08e436SShashi Mallela case GITS_TYPER: 11801b08e436SShashi Mallela /* RO registers, ignore the write */ 11811b08e436SShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 11821b08e436SShashi Mallela "%s: invalid guest write to RO register at offset " 11831b08e436SShashi Mallela TARGET_FMT_plx "\n", __func__, offset); 11841b08e436SShashi Mallela break; 11851b08e436SShashi Mallela default: 11861b08e436SShashi Mallela result = false; 11871b08e436SShashi Mallela break; 11881b08e436SShashi Mallela } 118918f6290aSShashi Mallela return result; 119018f6290aSShashi Mallela } 119118f6290aSShashi Mallela 119218f6290aSShashi Mallela static bool its_readll(GICv3ITSState *s, hwaddr offset, 119318f6290aSShashi Mallela uint64_t *data, MemTxAttrs attrs) 119418f6290aSShashi Mallela { 119518f6290aSShashi Mallela bool result = true; 11961b08e436SShashi Mallela int index; 119718f6290aSShashi Mallela 11981b08e436SShashi Mallela switch (offset) { 11991b08e436SShashi Mallela case GITS_TYPER: 12001b08e436SShashi Mallela *data = s->typer; 12011b08e436SShashi Mallela break; 12021b08e436SShashi Mallela case GITS_BASER ... GITS_BASER + 0x3f: 12031b08e436SShashi Mallela index = (offset - GITS_BASER) / 8; 12041b08e436SShashi Mallela *data = s->baser[index]; 12051b08e436SShashi Mallela break; 12061b08e436SShashi Mallela case GITS_CBASER: 12071b08e436SShashi Mallela *data = s->cbaser; 12081b08e436SShashi Mallela break; 12091b08e436SShashi Mallela case GITS_CREADR: 12101b08e436SShashi Mallela *data = s->creadr; 12111b08e436SShashi Mallela break; 12121b08e436SShashi Mallela case GITS_CWRITER: 12131b08e436SShashi Mallela *data = s->cwriter; 12141b08e436SShashi Mallela break; 12151b08e436SShashi Mallela default: 12161b08e436SShashi Mallela result = false; 12171b08e436SShashi Mallela break; 12181b08e436SShashi Mallela } 121918f6290aSShashi Mallela return result; 122018f6290aSShashi Mallela } 122118f6290aSShashi Mallela 122218f6290aSShashi Mallela static MemTxResult gicv3_its_read(void *opaque, hwaddr offset, uint64_t *data, 122318f6290aSShashi Mallela unsigned size, MemTxAttrs attrs) 122418f6290aSShashi Mallela { 122518f6290aSShashi Mallela GICv3ITSState *s = (GICv3ITSState *)opaque; 122618f6290aSShashi Mallela bool result; 122718f6290aSShashi Mallela 122818f6290aSShashi Mallela switch (size) { 122918f6290aSShashi Mallela case 4: 123018f6290aSShashi Mallela result = its_readl(s, offset, data, attrs); 123118f6290aSShashi Mallela break; 123218f6290aSShashi Mallela case 8: 123318f6290aSShashi Mallela result = its_readll(s, offset, data, attrs); 123418f6290aSShashi Mallela break; 123518f6290aSShashi Mallela default: 123618f6290aSShashi Mallela result = false; 123718f6290aSShashi Mallela break; 123818f6290aSShashi Mallela } 123918f6290aSShashi Mallela 124018f6290aSShashi Mallela if (!result) { 124118f6290aSShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 124218f6290aSShashi Mallela "%s: invalid guest read at offset " TARGET_FMT_plx 124318f6290aSShashi Mallela "size %u\n", __func__, offset, size); 1244195209d3SPeter Maydell trace_gicv3_its_badread(offset, size); 124518f6290aSShashi Mallela /* 124618f6290aSShashi Mallela * The spec requires that reserved registers are RAZ/WI; 124718f6290aSShashi Mallela * so use false returns from leaf functions as a way to 124818f6290aSShashi Mallela * trigger the guest-error logging but don't return it to 124918f6290aSShashi Mallela * the caller, or we'll cause a spurious guest data abort. 125018f6290aSShashi Mallela */ 125118f6290aSShashi Mallela *data = 0; 1252195209d3SPeter Maydell } else { 1253195209d3SPeter Maydell trace_gicv3_its_read(offset, *data, size); 125418f6290aSShashi Mallela } 125518f6290aSShashi Mallela return MEMTX_OK; 125618f6290aSShashi Mallela } 125718f6290aSShashi Mallela 125818f6290aSShashi Mallela static MemTxResult gicv3_its_write(void *opaque, hwaddr offset, uint64_t data, 125918f6290aSShashi Mallela unsigned size, MemTxAttrs attrs) 126018f6290aSShashi Mallela { 126118f6290aSShashi Mallela GICv3ITSState *s = (GICv3ITSState *)opaque; 126218f6290aSShashi Mallela bool result; 126318f6290aSShashi Mallela 126418f6290aSShashi Mallela switch (size) { 126518f6290aSShashi Mallela case 4: 126618f6290aSShashi Mallela result = its_writel(s, offset, data, attrs); 126718f6290aSShashi Mallela break; 126818f6290aSShashi Mallela case 8: 126918f6290aSShashi Mallela result = its_writell(s, offset, data, attrs); 127018f6290aSShashi Mallela break; 127118f6290aSShashi Mallela default: 127218f6290aSShashi Mallela result = false; 127318f6290aSShashi Mallela break; 127418f6290aSShashi Mallela } 127518f6290aSShashi Mallela 127618f6290aSShashi Mallela if (!result) { 127718f6290aSShashi Mallela qemu_log_mask(LOG_GUEST_ERROR, 127818f6290aSShashi Mallela "%s: invalid guest write at offset " TARGET_FMT_plx 127918f6290aSShashi Mallela "size %u\n", __func__, offset, size); 1280195209d3SPeter Maydell trace_gicv3_its_badwrite(offset, data, size); 128118f6290aSShashi Mallela /* 128218f6290aSShashi Mallela * The spec requires that reserved registers are RAZ/WI; 128318f6290aSShashi Mallela * so use false returns from leaf functions as a way to 128418f6290aSShashi Mallela * trigger the guest-error logging but don't return it to 128518f6290aSShashi Mallela * the caller, or we'll cause a spurious guest data abort. 128618f6290aSShashi Mallela */ 1287195209d3SPeter Maydell } else { 1288195209d3SPeter Maydell trace_gicv3_its_write(offset, data, size); 128918f6290aSShashi Mallela } 129018f6290aSShashi Mallela return MEMTX_OK; 129118f6290aSShashi Mallela } 129218f6290aSShashi Mallela 129318f6290aSShashi Mallela static const MemoryRegionOps gicv3_its_control_ops = { 129418f6290aSShashi Mallela .read_with_attrs = gicv3_its_read, 129518f6290aSShashi Mallela .write_with_attrs = gicv3_its_write, 129618f6290aSShashi Mallela .valid.min_access_size = 4, 129718f6290aSShashi Mallela .valid.max_access_size = 8, 129818f6290aSShashi Mallela .impl.min_access_size = 4, 129918f6290aSShashi Mallela .impl.max_access_size = 8, 130018f6290aSShashi Mallela .endianness = DEVICE_NATIVE_ENDIAN, 130118f6290aSShashi Mallela }; 130218f6290aSShashi Mallela 130318f6290aSShashi Mallela static const MemoryRegionOps gicv3_its_translation_ops = { 13047e062b98SPeter Maydell .read_with_attrs = gicv3_its_translation_read, 130518f6290aSShashi Mallela .write_with_attrs = gicv3_its_translation_write, 130618f6290aSShashi Mallela .valid.min_access_size = 2, 130718f6290aSShashi Mallela .valid.max_access_size = 4, 130818f6290aSShashi Mallela .impl.min_access_size = 2, 130918f6290aSShashi Mallela .impl.max_access_size = 4, 131018f6290aSShashi Mallela .endianness = DEVICE_NATIVE_ENDIAN, 131118f6290aSShashi Mallela }; 131218f6290aSShashi Mallela 131318f6290aSShashi Mallela static void gicv3_arm_its_realize(DeviceState *dev, Error **errp) 131418f6290aSShashi Mallela { 131518f6290aSShashi Mallela GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev); 131618f6290aSShashi Mallela int i; 131718f6290aSShashi Mallela 131818f6290aSShashi Mallela for (i = 0; i < s->gicv3->num_cpu; i++) { 131918f6290aSShashi Mallela if (!(s->gicv3->cpu[i].gicr_typer & GICR_TYPER_PLPIS)) { 132018f6290aSShashi Mallela error_setg(errp, "Physical LPI not supported by CPU %d", i); 132118f6290aSShashi Mallela return; 132218f6290aSShashi Mallela } 132318f6290aSShashi Mallela } 132418f6290aSShashi Mallela 132518f6290aSShashi Mallela gicv3_its_init_mmio(s, &gicv3_its_control_ops, &gicv3_its_translation_ops); 132618f6290aSShashi Mallela 132718f6290aSShashi Mallela /* set the ITS default features supported */ 1328764d6ba1SPeter Maydell s->typer = FIELD_DP64(s->typer, GITS_TYPER, PHYSICAL, 1); 132918f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, ITT_ENTRY_SIZE, 133018f6290aSShashi Mallela ITS_ITT_ENTRY_SIZE - 1); 133118f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, IDBITS, ITS_IDBITS); 133218f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, DEVBITS, ITS_DEVBITS); 133318f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, CIL, 1); 133418f6290aSShashi Mallela s->typer = FIELD_DP64(s->typer, GITS_TYPER, CIDBITS, ITS_CIDBITS); 133518f6290aSShashi Mallela } 133618f6290aSShashi Mallela 133718f6290aSShashi Mallela static void gicv3_its_reset(DeviceState *dev) 133818f6290aSShashi Mallela { 133918f6290aSShashi Mallela GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev); 134018f6290aSShashi Mallela GICv3ITSClass *c = ARM_GICV3_ITS_GET_CLASS(s); 134118f6290aSShashi Mallela 134218f6290aSShashi Mallela c->parent_reset(dev); 134318f6290aSShashi Mallela 134418f6290aSShashi Mallela /* Quiescent bit reset to 1 */ 134518f6290aSShashi Mallela s->ctlr = FIELD_DP32(s->ctlr, GITS_CTLR, QUIESCENT, 1); 134618f6290aSShashi Mallela 134718f6290aSShashi Mallela /* 134818f6290aSShashi Mallela * setting GITS_BASER0.Type = 0b001 (Device) 134918f6290aSShashi Mallela * GITS_BASER1.Type = 0b100 (Collection Table) 135018f6290aSShashi Mallela * GITS_BASER<n>.Type,where n = 3 to 7 are 0b00 (Unimplemented) 135118f6290aSShashi Mallela * GITS_BASER<0,1>.Page_Size = 64KB 135218f6290aSShashi Mallela * and default translation table entry size to 16 bytes 135318f6290aSShashi Mallela */ 135418f6290aSShashi Mallela s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, TYPE, 135518f6290aSShashi Mallela GITS_BASER_TYPE_DEVICE); 135618f6290aSShashi Mallela s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, PAGESIZE, 135718f6290aSShashi Mallela GITS_BASER_PAGESIZE_64K); 135818f6290aSShashi Mallela s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, ENTRYSIZE, 135918f6290aSShashi Mallela GITS_DTE_SIZE - 1); 136018f6290aSShashi Mallela 136118f6290aSShashi Mallela s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, TYPE, 136218f6290aSShashi Mallela GITS_BASER_TYPE_COLLECTION); 136318f6290aSShashi Mallela s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, PAGESIZE, 136418f6290aSShashi Mallela GITS_BASER_PAGESIZE_64K); 136518f6290aSShashi Mallela s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, ENTRYSIZE, 136618f6290aSShashi Mallela GITS_CTE_SIZE - 1); 136718f6290aSShashi Mallela } 136818f6290aSShashi Mallela 13691b08e436SShashi Mallela static void gicv3_its_post_load(GICv3ITSState *s) 13701b08e436SShashi Mallela { 13718d2d6dd9SPeter Maydell if (s->ctlr & R_GITS_CTLR_ENABLED_MASK) { 13721b08e436SShashi Mallela extract_table_params(s); 13731b08e436SShashi Mallela extract_cmdq_params(s); 13741b08e436SShashi Mallela } 13751b08e436SShashi Mallela } 13761b08e436SShashi Mallela 137718f6290aSShashi Mallela static Property gicv3_its_props[] = { 137818f6290aSShashi Mallela DEFINE_PROP_LINK("parent-gicv3", GICv3ITSState, gicv3, "arm-gicv3", 137918f6290aSShashi Mallela GICv3State *), 138018f6290aSShashi Mallela DEFINE_PROP_END_OF_LIST(), 138118f6290aSShashi Mallela }; 138218f6290aSShashi Mallela 138318f6290aSShashi Mallela static void gicv3_its_class_init(ObjectClass *klass, void *data) 138418f6290aSShashi Mallela { 138518f6290aSShashi Mallela DeviceClass *dc = DEVICE_CLASS(klass); 138618f6290aSShashi Mallela GICv3ITSClass *ic = ARM_GICV3_ITS_CLASS(klass); 13871b08e436SShashi Mallela GICv3ITSCommonClass *icc = ARM_GICV3_ITS_COMMON_CLASS(klass); 138818f6290aSShashi Mallela 138918f6290aSShashi Mallela dc->realize = gicv3_arm_its_realize; 139018f6290aSShashi Mallela device_class_set_props(dc, gicv3_its_props); 139118f6290aSShashi Mallela device_class_set_parent_reset(dc, gicv3_its_reset, &ic->parent_reset); 13921b08e436SShashi Mallela icc->post_load = gicv3_its_post_load; 139318f6290aSShashi Mallela } 139418f6290aSShashi Mallela 139518f6290aSShashi Mallela static const TypeInfo gicv3_its_info = { 139618f6290aSShashi Mallela .name = TYPE_ARM_GICV3_ITS, 139718f6290aSShashi Mallela .parent = TYPE_ARM_GICV3_ITS_COMMON, 139818f6290aSShashi Mallela .instance_size = sizeof(GICv3ITSState), 139918f6290aSShashi Mallela .class_init = gicv3_its_class_init, 140018f6290aSShashi Mallela .class_size = sizeof(GICv3ITSClass), 140118f6290aSShashi Mallela }; 140218f6290aSShashi Mallela 140318f6290aSShashi Mallela static void gicv3_its_register_types(void) 140418f6290aSShashi Mallela { 140518f6290aSShashi Mallela type_register_static(&gicv3_its_info); 140618f6290aSShashi Mallela } 140718f6290aSShashi Mallela 140818f6290aSShashi Mallela type_init(gicv3_its_register_types) 1409