search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
iotests/207: Filter host fingerprint
[qemu.git] / hw / s390x / s390-pci-inst.c
blob6d400d41472e34db2218ae10bcd61c93864b90a5
1 /*
2 * s390 PCI instructions
3 *
4 * Copyright 2014 IBM Corp.
5 * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com>
6 * Hong Bo Li <lihbbj@cn.ibm.com>
7 * Yi Min Zhao <zyimin@cn.ibm.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or (at
10 * your option) any later version. See the COPYING file in the top-level
11 * directory.
12 */
13
14 #include "qemu/osdep.h"
15 #include "exec/memop.h"
16 #include "exec/memory-internal.h"
17 #include "qemu/error-report.h"
18 #include "sysemu/hw_accel.h"
19 #include "hw/s390x/s390-pci-inst.h"
20 #include "hw/s390x/s390-pci-bus.h"
21 #include "hw/s390x/tod.h"
22
23 #ifndef DEBUG_S390PCI_INST
24 #define DEBUG_S390PCI_INST 0
25 #endif
26
27 #define DPRINTF(fmt, ...) \
28 do { \
29 if (DEBUG_S390PCI_INST) { \
30 fprintf(stderr, "s390pci-inst: " fmt, ## __VA_ARGS__); \
31 } \
32 } while (0)
33
34 static inline void inc_dma_avail(S390PCIIOMMU *iommu)
35 {
36 if (iommu->dma_limit) {
37 iommu->dma_limit->avail++;
38 }
39 }
40
41 static inline void dec_dma_avail(S390PCIIOMMU *iommu)
42 {
43 if (iommu->dma_limit) {
44 iommu->dma_limit->avail--;
45 }
46 }
47
48 static void s390_set_status_code(CPUS390XState *env,
49 uint8_t r, uint64_t status_code)
50 {
51 env->regs[r] &= ~0xff000000ULL;
52 env->regs[r] |= (status_code & 0xff) << 24;
53 }
54
55 static int list_pci(ClpReqRspListPci *rrb, uint8_t *cc)
56 {
57 S390PCIBusDevice *pbdev = NULL;
58 S390pciState *s = s390_get_phb();
59 uint32_t res_code, initial_l2, g_l2;
60 int rc, i;
61 uint64_t resume_token;
62
63 rc = 0;
64 if (lduw_p(&rrb->request.hdr.len) != 32) {
65 res_code = CLP_RC_LEN;
66 rc = -EINVAL;
67 goto out;
68 }
69
70 if ((ldl_p(&rrb->request.fmt) & CLP_MASK_FMT) != 0) {
71 res_code = CLP_RC_FMT;
72 rc = -EINVAL;
73 goto out;
74 }
75
76 if ((ldl_p(&rrb->request.fmt) & ~CLP_MASK_FMT) != 0 ||
77 ldq_p(&rrb->request.reserved1) != 0) {
78 res_code = CLP_RC_RESNOT0;
79 rc = -EINVAL;
80 goto out;
81 }
82
83 resume_token = ldq_p(&rrb->request.resume_token);
84
85 if (resume_token) {
86 pbdev = s390_pci_find_dev_by_idx(s, resume_token);
87 if (!pbdev) {
88 res_code = CLP_RC_LISTPCI_BADRT;
89 rc = -EINVAL;
90 goto out;
91 }
92 } else {
93 pbdev = s390_pci_find_next_avail_dev(s, NULL);
94 }
95
96 if (lduw_p(&rrb->response.hdr.len) < 48) {
97 res_code = CLP_RC_8K;
98 rc = -EINVAL;
99 goto out;
100 }
101
102 initial_l2 = lduw_p(&rrb->response.hdr.len);
103 if ((initial_l2 - LIST_PCI_HDR_LEN) % sizeof(ClpFhListEntry)
104 != 0) {
105 res_code = CLP_RC_LEN;
106 rc = -EINVAL;
107 *cc = 3;
108 goto out;
109 }
110
111 stl_p(&rrb->response.fmt, 0);
112 stq_p(&rrb->response.reserved1, 0);
113 stl_p(&rrb->response.mdd, FH_MASK_SHM);
114 stw_p(&rrb->response.max_fn, PCI_MAX_FUNCTIONS);
115 rrb->response.flags = UID_CHECKING_ENABLED;
116 rrb->response.entry_size = sizeof(ClpFhListEntry);
117
118 i = 0;
119 g_l2 = LIST_PCI_HDR_LEN;
120 while (g_l2 < initial_l2 && pbdev) {
121 stw_p(&rrb->response.fh_list[i].device_id,
122 pci_get_word(pbdev->pdev->config + PCI_DEVICE_ID));
123 stw_p(&rrb->response.fh_list[i].vendor_id,
124 pci_get_word(pbdev->pdev->config + PCI_VENDOR_ID));
125 /* Ignore RESERVED devices. */
126 stl_p(&rrb->response.fh_list[i].config,
127 pbdev->state == ZPCI_FS_STANDBY ? 0 : 1 << 31);
128 stl_p(&rrb->response.fh_list[i].fid, pbdev->fid);
129 stl_p(&rrb->response.fh_list[i].fh, pbdev->fh);
130
131 g_l2 += sizeof(ClpFhListEntry);
132 /* Add endian check for DPRINTF? */
133 DPRINTF("g_l2 %d vendor id 0x%x device id 0x%x fid 0x%x fh 0x%x\n",
134 g_l2,
135 lduw_p(&rrb->response.fh_list[i].vendor_id),
136 lduw_p(&rrb->response.fh_list[i].device_id),
137 ldl_p(&rrb->response.fh_list[i].fid),
138 ldl_p(&rrb->response.fh_list[i].fh));
139 pbdev = s390_pci_find_next_avail_dev(s, pbdev);
140 i++;
141 }
142
143 if (!pbdev) {
144 resume_token = 0;
145 } else {
146 resume_token = pbdev->fh & FH_MASK_INDEX;
147 }
148 stq_p(&rrb->response.resume_token, resume_token);
149 stw_p(&rrb->response.hdr.len, g_l2);
150 stw_p(&rrb->response.hdr.rsp, CLP_RC_OK);
151 out:
152 if (rc) {
153 DPRINTF("list pci failed rc 0x%x\n", rc);
154 stw_p(&rrb->response.hdr.rsp, res_code);
155 }
156 return rc;
157 }
158
159 int clp_service_call(S390CPU *cpu, uint8_t r2, uintptr_t ra)
160 {
161 ClpReqHdr *reqh;
162 ClpRspHdr *resh;
163 S390PCIBusDevice *pbdev;
164 uint32_t req_len;
165 uint32_t res_len;
166 uint8_t buffer[4096 * 2];
167 uint8_t cc = 0;
168 CPUS390XState *env = &cpu->env;
169 S390pciState *s = s390_get_phb();
170 int i;
171
172 if (env->psw.mask & PSW_MASK_PSTATE) {
173 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
174 return 0;
175 }
176
177 if (s390_cpu_virt_mem_read(cpu, env->regs[r2], r2, buffer, sizeof(*reqh))) {
178 s390_cpu_virt_mem_handle_exc(cpu, ra);
179 return 0;
180 }
181 reqh = (ClpReqHdr *)buffer;
182 req_len = lduw_p(&reqh->len);
183 if (req_len < 16 || req_len > 8184 || (req_len % 8 != 0)) {
184 s390_program_interrupt(env, PGM_OPERAND, ra);
185 return 0;
186 }
187
188 if (s390_cpu_virt_mem_read(cpu, env->regs[r2], r2, buffer,
189 req_len + sizeof(*resh))) {
190 s390_cpu_virt_mem_handle_exc(cpu, ra);
191 return 0;
192 }
193 resh = (ClpRspHdr *)(buffer + req_len);
194 res_len = lduw_p(&resh->len);
195 if (res_len < 8 || res_len > 8176 || (res_len % 8 != 0)) {
196 s390_program_interrupt(env, PGM_OPERAND, ra);
197 return 0;
198 }
199 if ((req_len + res_len) > 8192) {
200 s390_program_interrupt(env, PGM_OPERAND, ra);
201 return 0;
202 }
203
204 if (s390_cpu_virt_mem_read(cpu, env->regs[r2], r2, buffer,
205 req_len + res_len)) {
206 s390_cpu_virt_mem_handle_exc(cpu, ra);
207 return 0;
208 }
209
210 if (req_len != 32) {
211 stw_p(&resh->rsp, CLP_RC_LEN);
212 goto out;
213 }
214
215 switch (lduw_p(&reqh->cmd)) {
216 case CLP_LIST_PCI: {
217 ClpReqRspListPci *rrb = (ClpReqRspListPci *)buffer;
218 list_pci(rrb, &cc);
219 break;
220 }
221 case CLP_SET_PCI_FN: {
222 ClpReqSetPci *reqsetpci = (ClpReqSetPci *)reqh;
223 ClpRspSetPci *ressetpci = (ClpRspSetPci *)resh;
224
225 pbdev = s390_pci_find_dev_by_fh(s, ldl_p(&reqsetpci->fh));
226 if (!pbdev) {
227 stw_p(&ressetpci->hdr.rsp, CLP_RC_SETPCIFN_FH);
228 goto out;
229 }
230
231 switch (reqsetpci->oc) {
232 case CLP_SET_ENABLE_PCI_FN:
233 switch (reqsetpci->ndas) {
234 case 0:
235 stw_p(&ressetpci->hdr.rsp, CLP_RC_SETPCIFN_DMAAS);
236 goto out;
237 case 1:
238 break;
239 default:
240 stw_p(&ressetpci->hdr.rsp, CLP_RC_SETPCIFN_RES);
241 goto out;
242 }
243
244 if (pbdev->fh & FH_MASK_ENABLE) {
245 stw_p(&ressetpci->hdr.rsp, CLP_RC_SETPCIFN_FHOP);
246 goto out;
247 }
248
249 pbdev->fh |= FH_MASK_ENABLE;
250 pbdev->state = ZPCI_FS_ENABLED;
251 stl_p(&ressetpci->fh, pbdev->fh);
252 stw_p(&ressetpci->hdr.rsp, CLP_RC_OK);
253 break;
254 case CLP_SET_DISABLE_PCI_FN:
255 if (!(pbdev->fh & FH_MASK_ENABLE)) {
256 stw_p(&ressetpci->hdr.rsp, CLP_RC_SETPCIFN_FHOP);
257 goto out;
258 }
259 device_legacy_reset(DEVICE(pbdev));
260 pbdev->fh &= ~FH_MASK_ENABLE;
261 pbdev->state = ZPCI_FS_DISABLED;
262 stl_p(&ressetpci->fh, pbdev->fh);
263 stw_p(&ressetpci->hdr.rsp, CLP_RC_OK);
264 break;
265 default:
266 DPRINTF("unknown set pci command\n");
267 stw_p(&ressetpci->hdr.rsp, CLP_RC_SETPCIFN_FHOP);
268 break;
269 }
270 break;
271 }
272 case CLP_QUERY_PCI_FN: {
273 ClpReqQueryPci *reqquery = (ClpReqQueryPci *)reqh;
274 ClpRspQueryPci *resquery = (ClpRspQueryPci *)resh;
275
276 pbdev = s390_pci_find_dev_by_fh(s, ldl_p(&reqquery->fh));
277 if (!pbdev) {
278 DPRINTF("query pci no pci dev\n");
279 stw_p(&resquery->hdr.rsp, CLP_RC_SETPCIFN_FH);
280 goto out;
281 }
282
283 stq_p(&resquery->sdma, pbdev->zpci_fn.sdma);
284 stq_p(&resquery->edma, pbdev->zpci_fn.edma);
285 stw_p(&resquery->pchid, pbdev->zpci_fn.pchid);
286 stw_p(&resquery->vfn, pbdev->zpci_fn.vfn);
287 resquery->flags = pbdev->zpci_fn.flags;
288 resquery->pfgid = pbdev->zpci_fn.pfgid;
289 resquery->pft = pbdev->zpci_fn.pft;
290 resquery->fmbl = pbdev->zpci_fn.fmbl;
291 stl_p(&resquery->fid, pbdev->zpci_fn.fid);
292 stl_p(&resquery->uid, pbdev->zpci_fn.uid);
293 memcpy(resquery->pfip, pbdev->zpci_fn.pfip, CLP_PFIP_NR_SEGMENTS);
294 memcpy(resquery->util_str, pbdev->zpci_fn.util_str, CLP_UTIL_STR_LEN);
295
296 for (i = 0; i < PCI_BAR_COUNT; i++) {
297 uint32_t data = pci_get_long(pbdev->pdev->config +
298 PCI_BASE_ADDRESS_0 + (i * 4));
299
300 stl_p(&resquery->bar[i], data);
301 resquery->bar_size[i] = pbdev->pdev->io_regions[i].size ?
302 ctz64(pbdev->pdev->io_regions[i].size) : 0;
303 DPRINTF("bar %d addr 0x%x size 0x%" PRIx64 "barsize 0x%x\n", i,
304 ldl_p(&resquery->bar[i]),
305 pbdev->pdev->io_regions[i].size,
306 resquery->bar_size[i]);
307 }
308
309 stw_p(&resquery->hdr.rsp, CLP_RC_OK);
310 break;
311 }
312 case CLP_QUERY_PCI_FNGRP: {
313 ClpRspQueryPciGrp *resgrp = (ClpRspQueryPciGrp *)resh;
314
315 ClpReqQueryPciGrp *reqgrp = (ClpReqQueryPciGrp *)reqh;
316 S390PCIGroup *group;
317
318 group = s390_group_find(reqgrp->g);
319 if (!group) {
320 /* We do not allow access to unknown groups */
321 /* The group must have been obtained with a vfio device */
322 stw_p(&resgrp->hdr.rsp, CLP_RC_QUERYPCIFG_PFGID);
323 goto out;
324 }
325 resgrp->fr = group->zpci_group.fr;
326 stq_p(&resgrp->dasm, group->zpci_group.dasm);
327 stq_p(&resgrp->msia, group->zpci_group.msia);
328 stw_p(&resgrp->mui, group->zpci_group.mui);
329 stw_p(&resgrp->i, group->zpci_group.i);
330 stw_p(&resgrp->maxstbl, group->zpci_group.maxstbl);
331 resgrp->version = group->zpci_group.version;
332 resgrp->dtsm = group->zpci_group.dtsm;
333 stw_p(&resgrp->hdr.rsp, CLP_RC_OK);
334 break;
335 }
336 default:
337 DPRINTF("unknown clp command\n");
338 stw_p(&resh->rsp, CLP_RC_CMD);
339 break;
340 }
341
342 out:
343 if (s390_cpu_virt_mem_write(cpu, env->regs[r2], r2, buffer,
344 req_len + res_len)) {
345 s390_cpu_virt_mem_handle_exc(cpu, ra);
346 return 0;
347 }
348 setcc(cpu, cc);
349 return 0;
350 }
351
352 /**
353 * Swap data contained in s390x big endian registers to little endian
354 * PCI bars.
355 *
356 * @ptr: a pointer to a uint64_t data field
357 * @len: the length of the valid data, must be 1,2,4 or 8
358 */
359 static int zpci_endian_swap(uint64_t *ptr, uint8_t len)
360 {
361 uint64_t data = *ptr;
362
363 switch (len) {
364 case 1:
365 break;
366 case 2:
367 data = bswap16(data);
368 break;
369 case 4:
370 data = bswap32(data);
371 break;
372 case 8:
373 data = bswap64(data);
374 break;
375 default:
376 return -EINVAL;
377 }
378 *ptr = data;
379 return 0;
380 }
381
382 static MemoryRegion *s390_get_subregion(MemoryRegion *mr, uint64_t offset,
383 uint8_t len)
384 {
385 MemoryRegion *subregion;
386 uint64_t subregion_size;
387
388 QTAILQ_FOREACH(subregion, &mr->subregions, subregions_link) {
389 subregion_size = int128_get64(subregion->size);
390 if ((offset >= subregion->addr) &&
391 (offset + len) <= (subregion->addr + subregion_size)) {
392 mr = subregion;
393 break;
394 }
395 }
396 return mr;
397 }
398
399 static MemTxResult zpci_read_bar(S390PCIBusDevice *pbdev, uint8_t pcias,
400 uint64_t offset, uint64_t *data, uint8_t len)
401 {
402 MemoryRegion *mr;
403
404 mr = pbdev->pdev->io_regions[pcias].memory;
405 mr = s390_get_subregion(mr, offset, len);
406 offset -= mr->addr;
407 return memory_region_dispatch_read(mr, offset, data,
408 size_memop(len) | MO_BE,
409 MEMTXATTRS_UNSPECIFIED);
410 }
411
412 int pcilg_service_call(S390CPU *cpu, uint8_t r1, uint8_t r2, uintptr_t ra)
413 {
414 CPUS390XState *env = &cpu->env;
415 S390PCIBusDevice *pbdev;
416 uint64_t offset;
417 uint64_t data;
418 MemTxResult result;
419 uint8_t len;
420 uint32_t fh;
421 uint8_t pcias;
422
423 if (env->psw.mask & PSW_MASK_PSTATE) {
424 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
425 return 0;
426 }
427
428 if (r2 & 0x1) {
429 s390_program_interrupt(env, PGM_SPECIFICATION, ra);
430 return 0;
431 }
432
433 fh = env->regs[r2] >> 32;
434 pcias = (env->regs[r2] >> 16) & 0xf;
435 len = env->regs[r2] & 0xf;
436 offset = env->regs[r2 + 1];
437
438 if (!(fh & FH_MASK_ENABLE)) {
439 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
440 return 0;
441 }
442
443 pbdev = s390_pci_find_dev_by_fh(s390_get_phb(), fh);
444 if (!pbdev) {
445 DPRINTF("pcilg no pci dev\n");
446 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
447 return 0;
448 }
449
450 switch (pbdev->state) {
451 case ZPCI_FS_PERMANENT_ERROR:
452 case ZPCI_FS_ERROR:
453 setcc(cpu, ZPCI_PCI_LS_ERR);
454 s390_set_status_code(env, r2, ZPCI_PCI_ST_BLOCKED);
455 return 0;
456 default:
457 break;
458 }
459
460 switch (pcias) {
461 case ZPCI_IO_BAR_MIN...ZPCI_IO_BAR_MAX:
462 if (!len || (len > (8 - (offset & 0x7)))) {
463 s390_program_interrupt(env, PGM_OPERAND, ra);
464 return 0;
465 }
466 result = zpci_read_bar(pbdev, pcias, offset, &data, len);
467 if (result != MEMTX_OK) {
468 s390_program_interrupt(env, PGM_OPERAND, ra);
469 return 0;
470 }
471 break;
472 case ZPCI_CONFIG_BAR:
473 if (!len || (len > (4 - (offset & 0x3))) || len == 3) {
474 s390_program_interrupt(env, PGM_OPERAND, ra);
475 return 0;
476 }
477 data = pci_host_config_read_common(
478 pbdev->pdev, offset, pci_config_size(pbdev->pdev), len);
479
480 if (zpci_endian_swap(&data, len)) {
481 s390_program_interrupt(env, PGM_OPERAND, ra);
482 return 0;
483 }
484 break;
485 default:
486 DPRINTF("pcilg invalid space\n");
487 setcc(cpu, ZPCI_PCI_LS_ERR);
488 s390_set_status_code(env, r2, ZPCI_PCI_ST_INVAL_AS);
489 return 0;
490 }
491
492 pbdev->fmb.counter[ZPCI_FMB_CNT_LD]++;
493
494 env->regs[r1] = data;
495 setcc(cpu, ZPCI_PCI_LS_OK);
496 return 0;
497 }
498
499 static MemTxResult zpci_write_bar(S390PCIBusDevice *pbdev, uint8_t pcias,
500 uint64_t offset, uint64_t data, uint8_t len)
501 {
502 MemoryRegion *mr;
503
504 mr = pbdev->pdev->io_regions[pcias].memory;
505 mr = s390_get_subregion(mr, offset, len);
506 offset -= mr->addr;
507 return memory_region_dispatch_write(mr, offset, data,
508 size_memop(len) | MO_BE,
509 MEMTXATTRS_UNSPECIFIED);
510 }
511
512 int pcistg_service_call(S390CPU *cpu, uint8_t r1, uint8_t r2, uintptr_t ra)
513 {
514 CPUS390XState *env = &cpu->env;
515 uint64_t offset, data;
516 S390PCIBusDevice *pbdev;
517 MemTxResult result;
518 uint8_t len;
519 uint32_t fh;
520 uint8_t pcias;
521
522 if (env->psw.mask & PSW_MASK_PSTATE) {
523 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
524 return 0;
525 }
526
527 if (r2 & 0x1) {
528 s390_program_interrupt(env, PGM_SPECIFICATION, ra);
529 return 0;
530 }
531
532 fh = env->regs[r2] >> 32;
533 pcias = (env->regs[r2] >> 16) & 0xf;
534 len = env->regs[r2] & 0xf;
535 offset = env->regs[r2 + 1];
536 data = env->regs[r1];
537
538 if (!(fh & FH_MASK_ENABLE)) {
539 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
540 return 0;
541 }
542
543 pbdev = s390_pci_find_dev_by_fh(s390_get_phb(), fh);
544 if (!pbdev) {
545 DPRINTF("pcistg no pci dev\n");
546 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
547 return 0;
548 }
549
550 switch (pbdev->state) {
551 /* ZPCI_FS_RESERVED, ZPCI_FS_STANDBY and ZPCI_FS_DISABLED
552 * are already covered by the FH_MASK_ENABLE check above
553 */
554 case ZPCI_FS_PERMANENT_ERROR:
555 case ZPCI_FS_ERROR:
556 setcc(cpu, ZPCI_PCI_LS_ERR);
557 s390_set_status_code(env, r2, ZPCI_PCI_ST_BLOCKED);
558 return 0;
559 default:
560 break;
561 }
562
563 switch (pcias) {
564 /* A ZPCI PCI card may use any BAR from BAR 0 to BAR 5 */
565 case ZPCI_IO_BAR_MIN...ZPCI_IO_BAR_MAX:
566 /* Check length:
567 * A length of 0 is invalid and length should not cross a double word
568 */
569 if (!len || (len > (8 - (offset & 0x7)))) {
570 s390_program_interrupt(env, PGM_OPERAND, ra);
571 return 0;
572 }
573
574 result = zpci_write_bar(pbdev, pcias, offset, data, len);
575 if (result != MEMTX_OK) {
576 s390_program_interrupt(env, PGM_OPERAND, ra);
577 return 0;
578 }
579 break;
580 case ZPCI_CONFIG_BAR:
581 /* ZPCI uses the pseudo BAR number 15 as configuration space */
582 /* possible access lengths are 1,2,4 and must not cross a word */
583 if (!len || (len > (4 - (offset & 0x3))) || len == 3) {
584 s390_program_interrupt(env, PGM_OPERAND, ra);
585 return 0;
586 }
587 /* len = 1,2,4 so we do not need to test */
588 zpci_endian_swap(&data, len);
589 pci_host_config_write_common(pbdev->pdev, offset,
590 pci_config_size(pbdev->pdev),
591 data, len);
592 break;
593 default:
594 DPRINTF("pcistg invalid space\n");
595 setcc(cpu, ZPCI_PCI_LS_ERR);
596 s390_set_status_code(env, r2, ZPCI_PCI_ST_INVAL_AS);
597 return 0;
598 }
599
600 pbdev->fmb.counter[ZPCI_FMB_CNT_ST]++;
601
602 setcc(cpu, ZPCI_PCI_LS_OK);
603 return 0;
604 }
605
606 static uint32_t s390_pci_update_iotlb(S390PCIIOMMU *iommu,
607 S390IOTLBEntry *entry)
608 {
609 S390IOTLBEntry *cache = g_hash_table_lookup(iommu->iotlb, &entry->iova);
610 IOMMUTLBEvent event = {
611 .type = entry->perm ? IOMMU_NOTIFIER_MAP : IOMMU_NOTIFIER_UNMAP,
612 .entry = {
613 .target_as = &address_space_memory,
614 .iova = entry->iova,
615 .translated_addr = entry->translated_addr,
616 .perm = entry->perm,
617 .addr_mask = ~TARGET_PAGE_MASK,
618 },
619 };
620
621 if (event.type == IOMMU_NOTIFIER_UNMAP) {
622 if (!cache) {
623 goto out;
624 }
625 g_hash_table_remove(iommu->iotlb, &entry->iova);
626 inc_dma_avail(iommu);
627 } else {
628 if (cache) {
629 if (cache->perm == entry->perm &&
630 cache->translated_addr == entry->translated_addr) {
631 goto out;
632 }
633
634 event.type = IOMMU_NOTIFIER_UNMAP;
635 event.entry.perm = IOMMU_NONE;
636 memory_region_notify_iommu(&iommu->iommu_mr, 0, event);
637 event.type = IOMMU_NOTIFIER_MAP;
638 event.entry.perm = entry->perm;
639 }
640
641 cache = g_new(S390IOTLBEntry, 1);
642 cache->iova = entry->iova;
643 cache->translated_addr = entry->translated_addr;
644 cache->len = TARGET_PAGE_SIZE;
645 cache->perm = entry->perm;
646 g_hash_table_replace(iommu->iotlb, &cache->iova, cache);
647 dec_dma_avail(iommu);
648 }
649
650 memory_region_notify_iommu(&iommu->iommu_mr, 0, event);
651
652 out:
653 return iommu->dma_limit ? iommu->dma_limit->avail : 1;
654 }
655
656 int rpcit_service_call(S390CPU *cpu, uint8_t r1, uint8_t r2, uintptr_t ra)
657 {
658 CPUS390XState *env = &cpu->env;
659 uint32_t fh;
660 uint16_t error = 0;
661 S390PCIBusDevice *pbdev;
662 S390PCIIOMMU *iommu;
663 S390IOTLBEntry entry;
664 hwaddr start, end;
665 uint32_t dma_avail;
666
667 if (env->psw.mask & PSW_MASK_PSTATE) {
668 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
669 return 0;
670 }
671
672 if (r2 & 0x1) {
673 s390_program_interrupt(env, PGM_SPECIFICATION, ra);
674 return 0;
675 }
676
677 fh = env->regs[r1] >> 32;
678 start = env->regs[r2];
679 end = start + env->regs[r2 + 1];
680
681 pbdev = s390_pci_find_dev_by_fh(s390_get_phb(), fh);
682 if (!pbdev) {
683 DPRINTF("rpcit no pci dev\n");
684 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
685 return 0;
686 }
687
688 switch (pbdev->state) {
689 case ZPCI_FS_RESERVED:
690 case ZPCI_FS_STANDBY:
691 case ZPCI_FS_DISABLED:
692 case ZPCI_FS_PERMANENT_ERROR:
693 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
694 return 0;
695 case ZPCI_FS_ERROR:
696 setcc(cpu, ZPCI_PCI_LS_ERR);
697 s390_set_status_code(env, r1, ZPCI_MOD_ST_ERROR_RECOVER);
698 return 0;
699 default:
700 break;
701 }
702
703 iommu = pbdev->iommu;
704 if (iommu->dma_limit) {
705 dma_avail = iommu->dma_limit->avail;
706 } else {
707 dma_avail = 1;
708 }
709 if (!iommu->g_iota) {
710 error = ERR_EVENT_INVALAS;
711 goto err;
712 }
713
714 if (end < iommu->pba || start > iommu->pal) {
715 error = ERR_EVENT_OORANGE;
716 goto err;
717 }
718
719 while (start < end) {
720 error = s390_guest_io_table_walk(iommu->g_iota, start, &entry);
721 if (error) {
722 break;
723 }
724
725 start += entry.len;
726 while (entry.iova < start && entry.iova < end &&
727 (dma_avail > 0 || entry.perm == IOMMU_NONE)) {
728 dma_avail = s390_pci_update_iotlb(iommu, &entry);
729 entry.iova += TARGET_PAGE_SIZE;
730 entry.translated_addr += TARGET_PAGE_SIZE;
731 }
732 }
733 err:
734 if (error) {
735 pbdev->state = ZPCI_FS_ERROR;
736 setcc(cpu, ZPCI_PCI_LS_ERR);
737 s390_set_status_code(env, r1, ZPCI_PCI_ST_FUNC_IN_ERR);
738 s390_pci_generate_error_event(error, pbdev->fh, pbdev->fid, start, 0);
739 } else {
740 pbdev->fmb.counter[ZPCI_FMB_CNT_RPCIT]++;
741 if (dma_avail > 0) {
742 setcc(cpu, ZPCI_PCI_LS_OK);
743 } else {
744 /* vfio DMA mappings are exhausted, trigger a RPCIT */
745 setcc(cpu, ZPCI_PCI_LS_ERR);
746 s390_set_status_code(env, r1, ZPCI_RPCIT_ST_INSUFF_RES);
747 }
748 }
749 return 0;
750 }
751
752 int pcistb_service_call(S390CPU *cpu, uint8_t r1, uint8_t r3, uint64_t gaddr,
753 uint8_t ar, uintptr_t ra)
754 {
755 CPUS390XState *env = &cpu->env;
756 S390PCIBusDevice *pbdev;
757 MemoryRegion *mr;
758 MemTxResult result;
759 uint64_t offset;
760 int i;
761 uint32_t fh;
762 uint8_t pcias;
763 uint16_t len;
764 uint8_t buffer[128];
765
766 if (env->psw.mask & PSW_MASK_PSTATE) {
767 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
768 return 0;
769 }
770
771 fh = env->regs[r1] >> 32;
772 pcias = (env->regs[r1] >> 16) & 0xf;
773 len = env->regs[r1] & 0x1fff;
774 offset = env->regs[r3];
775
776 if (!(fh & FH_MASK_ENABLE)) {
777 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
778 return 0;
779 }
780
781 pbdev = s390_pci_find_dev_by_fh(s390_get_phb(), fh);
782 if (!pbdev) {
783 DPRINTF("pcistb no pci dev fh 0x%x\n", fh);
784 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
785 return 0;
786 }
787
788 switch (pbdev->state) {
789 case ZPCI_FS_PERMANENT_ERROR:
790 case ZPCI_FS_ERROR:
791 setcc(cpu, ZPCI_PCI_LS_ERR);
792 s390_set_status_code(env, r1, ZPCI_PCI_ST_BLOCKED);
793 return 0;
794 default:
795 break;
796 }
797
798 if (pcias > ZPCI_IO_BAR_MAX) {
799 DPRINTF("pcistb invalid space\n");
800 setcc(cpu, ZPCI_PCI_LS_ERR);
801 s390_set_status_code(env, r1, ZPCI_PCI_ST_INVAL_AS);
802 return 0;
803 }
804
805 /* Verify the address, offset and length */
806 /* offset must be a multiple of 8 */
807 if (offset % 8) {
808 goto specification_error;
809 }
810 /* Length must be greater than 8, a multiple of 8 */
811 /* and not greater than maxstbl */
812 if ((len <= 8) || (len % 8) ||
813 (len > pbdev->pci_group->zpci_group.maxstbl)) {
814 goto specification_error;
815 }
816 /* Do not cross a 4K-byte boundary */
817 if (((offset & 0xfff) + len) > 0x1000) {
818 goto specification_error;
819 }
820 /* Guest address must be double word aligned */
821 if (gaddr & 0x07UL) {
822 goto specification_error;
823 }
824
825 mr = pbdev->pdev->io_regions[pcias].memory;
826 mr = s390_get_subregion(mr, offset, len);
827 offset -= mr->addr;
828
829 for (i = 0; i < len; i += 8) {
830 if (!memory_region_access_valid(mr, offset + i, 8, true,
831 MEMTXATTRS_UNSPECIFIED)) {
832 s390_program_interrupt(env, PGM_OPERAND, ra);
833 return 0;
834 }
835 }
836
837 if (s390_cpu_virt_mem_read(cpu, gaddr, ar, buffer, len)) {
838 s390_cpu_virt_mem_handle_exc(cpu, ra);
839 return 0;
840 }
841
842 for (i = 0; i < len / 8; i++) {
843 result = memory_region_dispatch_write(mr, offset + i * 8,
844 ldq_p(buffer + i * 8),
845 MO_64, MEMTXATTRS_UNSPECIFIED);
846 if (result != MEMTX_OK) {
847 s390_program_interrupt(env, PGM_OPERAND, ra);
848 return 0;
849 }
850 }
851
852 pbdev->fmb.counter[ZPCI_FMB_CNT_STB]++;
853
854 setcc(cpu, ZPCI_PCI_LS_OK);
855 return 0;
856
857 specification_error:
858 s390_program_interrupt(env, PGM_SPECIFICATION, ra);
859 return 0;
860 }
861
862 static int reg_irqs(CPUS390XState *env, S390PCIBusDevice *pbdev, ZpciFib fib)
863 {
864 int ret, len;
865 uint8_t isc = FIB_DATA_ISC(ldl_p(&fib.data));
866
867 pbdev->routes.adapter.adapter_id = css_get_adapter_id(
868 CSS_IO_ADAPTER_PCI, isc);
869 pbdev->summary_ind = get_indicator(ldq_p(&fib.aisb), sizeof(uint64_t));
870 len = BITS_TO_LONGS(FIB_DATA_NOI(ldl_p(&fib.data))) * sizeof(unsigned long);
871 pbdev->indicator = get_indicator(ldq_p(&fib.aibv), len);
872
873 ret = map_indicator(&pbdev->routes.adapter, pbdev->summary_ind);
874 if (ret) {
875 goto out;
876 }
877
878 ret = map_indicator(&pbdev->routes.adapter, pbdev->indicator);
879 if (ret) {
880 goto out;
881 }
882
883 pbdev->routes.adapter.summary_addr = ldq_p(&fib.aisb);
884 pbdev->routes.adapter.summary_offset = FIB_DATA_AISBO(ldl_p(&fib.data));
885 pbdev->routes.adapter.ind_addr = ldq_p(&fib.aibv);
886 pbdev->routes.adapter.ind_offset = FIB_DATA_AIBVO(ldl_p(&fib.data));
887 pbdev->isc = isc;
888 pbdev->noi = FIB_DATA_NOI(ldl_p(&fib.data));
889 pbdev->sum = FIB_DATA_SUM(ldl_p(&fib.data));
890
891 DPRINTF("reg_irqs adapter id %d\n", pbdev->routes.adapter.adapter_id);
892 return 0;
893 out:
894 release_indicator(&pbdev->routes.adapter, pbdev->summary_ind);
895 release_indicator(&pbdev->routes.adapter, pbdev->indicator);
896 pbdev->summary_ind = NULL;
897 pbdev->indicator = NULL;
898 return ret;
899 }
900
901 int pci_dereg_irqs(S390PCIBusDevice *pbdev)
902 {
903 release_indicator(&pbdev->routes.adapter, pbdev->summary_ind);
904 release_indicator(&pbdev->routes.adapter, pbdev->indicator);
905
906 pbdev->summary_ind = NULL;
907 pbdev->indicator = NULL;
908 pbdev->routes.adapter.summary_addr = 0;
909 pbdev->routes.adapter.summary_offset = 0;
910 pbdev->routes.adapter.ind_addr = 0;
911 pbdev->routes.adapter.ind_offset = 0;
912 pbdev->isc = 0;
913 pbdev->noi = 0;
914 pbdev->sum = 0;
915
916 DPRINTF("dereg_irqs adapter id %d\n", pbdev->routes.adapter.adapter_id);
917 return 0;
918 }
919
920 static int reg_ioat(CPUS390XState *env, S390PCIBusDevice *pbdev, ZpciFib fib,
921 uintptr_t ra)
922 {
923 S390PCIIOMMU *iommu = pbdev->iommu;
924 uint64_t pba = ldq_p(&fib.pba);
925 uint64_t pal = ldq_p(&fib.pal);
926 uint64_t g_iota = ldq_p(&fib.iota);
927 uint8_t dt = (g_iota >> 2) & 0x7;
928 uint8_t t = (g_iota >> 11) & 0x1;
929
930 pba &= ~0xfff;
931 pal |= 0xfff;
932 if (pba > pal || pba < pbdev->zpci_fn.sdma || pal > pbdev->zpci_fn.edma) {
933 s390_program_interrupt(env, PGM_OPERAND, ra);
934 return -EINVAL;
935 }
936
937 /* currently we only support designation type 1 with translation */
938 if (!(dt == ZPCI_IOTA_RTTO && t)) {
939 error_report("unsupported ioat dt %d t %d", dt, t);
940 s390_program_interrupt(env, PGM_OPERAND, ra);
941 return -EINVAL;
942 }
943
944 iommu->pba = pba;
945 iommu->pal = pal;
946 iommu->g_iota = g_iota;
947
948 s390_pci_iommu_enable(iommu);
949
950 return 0;
951 }
952
953 void pci_dereg_ioat(S390PCIIOMMU *iommu)
954 {
955 s390_pci_iommu_disable(iommu);
956 iommu->pba = 0;
957 iommu->pal = 0;
958 iommu->g_iota = 0;
959 }
960
961 void fmb_timer_free(S390PCIBusDevice *pbdev)
962 {
963 if (pbdev->fmb_timer) {
964 timer_free(pbdev->fmb_timer);
965 pbdev->fmb_timer = NULL;
966 }
967 pbdev->fmb_addr = 0;
968 memset(&pbdev->fmb, 0, sizeof(ZpciFmb));
969 }
970
971 static int fmb_do_update(S390PCIBusDevice *pbdev, int offset, uint64_t val,
972 int len)
973 {
974 MemTxResult ret;
975 uint64_t dst = pbdev->fmb_addr + offset;
976
977 switch (len) {
978 case 8:
979 address_space_stq_be(&address_space_memory, dst, val,
980 MEMTXATTRS_UNSPECIFIED,
981 &ret);
982 break;
983 case 4:
984 address_space_stl_be(&address_space_memory, dst, val,
985 MEMTXATTRS_UNSPECIFIED,
986 &ret);
987 break;
988 case 2:
989 address_space_stw_be(&address_space_memory, dst, val,
990 MEMTXATTRS_UNSPECIFIED,
991 &ret);
992 break;
993 case 1:
994 address_space_stb(&address_space_memory, dst, val,
995 MEMTXATTRS_UNSPECIFIED,
996 &ret);
997 break;
998 default:
999 ret = MEMTX_ERROR;
1000 break;
1001 }
1002 if (ret != MEMTX_OK) {
1003 s390_pci_generate_error_event(ERR_EVENT_FMBA, pbdev->fh, pbdev->fid,
1004 pbdev->fmb_addr, 0);
1005 fmb_timer_free(pbdev);
1006 }
1007
1008 return ret;
1009 }
1010
1011 static void fmb_update(void *opaque)
1012 {
1013 S390PCIBusDevice *pbdev = opaque;
1014 int64_t t = qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL);
1015 int i;
1016
1017 /* Update U bit */
1018 pbdev->fmb.last_update *= 2;
1019 pbdev->fmb.last_update |= UPDATE_U_BIT;
1020 if (fmb_do_update(pbdev, offsetof(ZpciFmb, last_update),
1021 pbdev->fmb.last_update,
1022 sizeof(pbdev->fmb.last_update))) {
1023 return;
1024 }
1025
1026 /* Update FMB sample count */
1027 if (fmb_do_update(pbdev, offsetof(ZpciFmb, sample),
1028 pbdev->fmb.sample++,
1029 sizeof(pbdev->fmb.sample))) {
1030 return;
1031 }
1032
1033 /* Update FMB counters */
1034 for (i = 0; i < ZPCI_FMB_CNT_MAX; i++) {
1035 if (fmb_do_update(pbdev, offsetof(ZpciFmb, counter[i]),
1036 pbdev->fmb.counter[i],
1037 sizeof(pbdev->fmb.counter[0]))) {
1038 return;
1039 }
1040 }
1041
1042 /* Clear U bit and update the time */
1043 pbdev->fmb.last_update = time2tod(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
1044 pbdev->fmb.last_update *= 2;
1045 if (fmb_do_update(pbdev, offsetof(ZpciFmb, last_update),
1046 pbdev->fmb.last_update,
1047 sizeof(pbdev->fmb.last_update))) {
1048 return;
1049 }
1050 timer_mod(pbdev->fmb_timer, t + pbdev->pci_group->zpci_group.mui);
1051 }
1052
1053 int mpcifc_service_call(S390CPU *cpu, uint8_t r1, uint64_t fiba, uint8_t ar,
1054 uintptr_t ra)
1055 {
1056 CPUS390XState *env = &cpu->env;
1057 uint8_t oc, dmaas;
1058 uint32_t fh;
1059 ZpciFib fib;
1060 S390PCIBusDevice *pbdev;
1061 uint64_t cc = ZPCI_PCI_LS_OK;
1062
1063 if (env->psw.mask & PSW_MASK_PSTATE) {
1064 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
1065 return 0;
1066 }
1067
1068 oc = env->regs[r1] & 0xff;
1069 dmaas = (env->regs[r1] >> 16) & 0xff;
1070 fh = env->regs[r1] >> 32;
1071
1072 if (fiba & 0x7) {
1073 s390_program_interrupt(env, PGM_SPECIFICATION, ra);
1074 return 0;
1075 }
1076
1077 pbdev = s390_pci_find_dev_by_fh(s390_get_phb(), fh);
1078 if (!pbdev) {
1079 DPRINTF("mpcifc no pci dev fh 0x%x\n", fh);
1080 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
1081 return 0;
1082 }
1083
1084 switch (pbdev->state) {
1085 case ZPCI_FS_RESERVED:
1086 case ZPCI_FS_STANDBY:
1087 case ZPCI_FS_DISABLED:
1088 case ZPCI_FS_PERMANENT_ERROR:
1089 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
1090 return 0;
1091 default:
1092 break;
1093 }
1094
1095 if (s390_cpu_virt_mem_read(cpu, fiba, ar, (uint8_t *)&fib, sizeof(fib))) {
1096 s390_cpu_virt_mem_handle_exc(cpu, ra);
1097 return 0;
1098 }
1099
1100 if (fib.fmt != 0) {
1101 s390_program_interrupt(env, PGM_OPERAND, ra);
1102 return 0;
1103 }
1104
1105 switch (oc) {
1106 case ZPCI_MOD_FC_REG_INT:
1107 if (pbdev->summary_ind) {
1108 cc = ZPCI_PCI_LS_ERR;
1109 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1110 } else if (reg_irqs(env, pbdev, fib)) {
1111 cc = ZPCI_PCI_LS_ERR;
1112 s390_set_status_code(env, r1, ZPCI_MOD_ST_RES_NOT_AVAIL);
1113 }
1114 break;
1115 case ZPCI_MOD_FC_DEREG_INT:
1116 if (!pbdev->summary_ind) {
1117 cc = ZPCI_PCI_LS_ERR;
1118 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1119 } else {
1120 pci_dereg_irqs(pbdev);
1121 }
1122 break;
1123 case ZPCI_MOD_FC_REG_IOAT:
1124 if (dmaas != 0) {
1125 cc = ZPCI_PCI_LS_ERR;
1126 s390_set_status_code(env, r1, ZPCI_MOD_ST_DMAAS_INVAL);
1127 } else if (pbdev->iommu->enabled) {
1128 cc = ZPCI_PCI_LS_ERR;
1129 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1130 } else if (reg_ioat(env, pbdev, fib, ra)) {
1131 cc = ZPCI_PCI_LS_ERR;
1132 s390_set_status_code(env, r1, ZPCI_MOD_ST_INSUF_RES);
1133 }
1134 break;
1135 case ZPCI_MOD_FC_DEREG_IOAT:
1136 if (dmaas != 0) {
1137 cc = ZPCI_PCI_LS_ERR;
1138 s390_set_status_code(env, r1, ZPCI_MOD_ST_DMAAS_INVAL);
1139 } else if (!pbdev->iommu->enabled) {
1140 cc = ZPCI_PCI_LS_ERR;
1141 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1142 } else {
1143 pci_dereg_ioat(pbdev->iommu);
1144 }
1145 break;
1146 case ZPCI_MOD_FC_REREG_IOAT:
1147 if (dmaas != 0) {
1148 cc = ZPCI_PCI_LS_ERR;
1149 s390_set_status_code(env, r1, ZPCI_MOD_ST_DMAAS_INVAL);
1150 } else if (!pbdev->iommu->enabled) {
1151 cc = ZPCI_PCI_LS_ERR;
1152 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1153 } else {
1154 pci_dereg_ioat(pbdev->iommu);
1155 if (reg_ioat(env, pbdev, fib, ra)) {
1156 cc = ZPCI_PCI_LS_ERR;
1157 s390_set_status_code(env, r1, ZPCI_MOD_ST_INSUF_RES);
1158 }
1159 }
1160 break;
1161 case ZPCI_MOD_FC_RESET_ERROR:
1162 switch (pbdev->state) {
1163 case ZPCI_FS_BLOCKED:
1164 case ZPCI_FS_ERROR:
1165 pbdev->state = ZPCI_FS_ENABLED;
1166 break;
1167 default:
1168 cc = ZPCI_PCI_LS_ERR;
1169 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1170 }
1171 break;
1172 case ZPCI_MOD_FC_RESET_BLOCK:
1173 switch (pbdev->state) {
1174 case ZPCI_FS_ERROR:
1175 pbdev->state = ZPCI_FS_BLOCKED;
1176 break;
1177 default:
1178 cc = ZPCI_PCI_LS_ERR;
1179 s390_set_status_code(env, r1, ZPCI_MOD_ST_SEQUENCE);
1180 }
1181 break;
1182 case ZPCI_MOD_FC_SET_MEASURE: {
1183 uint64_t fmb_addr = ldq_p(&fib.fmb_addr);
1184
1185 if (fmb_addr & FMBK_MASK) {
1186 cc = ZPCI_PCI_LS_ERR;
1187 s390_pci_generate_error_event(ERR_EVENT_FMBPRO, pbdev->fh,
1188 pbdev->fid, fmb_addr, 0);
1189 fmb_timer_free(pbdev);
1190 break;
1191 }
1192
1193 if (!fmb_addr) {
1194 /* Stop updating FMB. */
1195 fmb_timer_free(pbdev);
1196 break;
1197 }
1198
1199 if (!pbdev->fmb_timer) {
1200 pbdev->fmb_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL,
1201 fmb_update, pbdev);
1202 } else if (timer_pending(pbdev->fmb_timer)) {
1203 /* Remove pending timer to update FMB address. */
1204 timer_del(pbdev->fmb_timer);
1205 }
1206 pbdev->fmb_addr = fmb_addr;
1207 timer_mod(pbdev->fmb_timer,
1208 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) +
1209 pbdev->pci_group->zpci_group.mui);
1210 break;
1211 }
1212 default:
1213 s390_program_interrupt(&cpu->env, PGM_OPERAND, ra);
1214 cc = ZPCI_PCI_LS_ERR;
1215 }
1216
1217 setcc(cpu, cc);
1218 return 0;
1219 }
1220
1221 int stpcifc_service_call(S390CPU *cpu, uint8_t r1, uint64_t fiba, uint8_t ar,
1222 uintptr_t ra)
1223 {
1224 CPUS390XState *env = &cpu->env;
1225 uint8_t dmaas;
1226 uint32_t fh;
1227 ZpciFib fib;
1228 S390PCIBusDevice *pbdev;
1229 uint32_t data;
1230 uint64_t cc = ZPCI_PCI_LS_OK;
1231
1232 if (env->psw.mask & PSW_MASK_PSTATE) {
1233 s390_program_interrupt(env, PGM_PRIVILEGED, ra);
1234 return 0;
1235 }
1236
1237 fh = env->regs[r1] >> 32;
1238 dmaas = (env->regs[r1] >> 16) & 0xff;
1239
1240 if (dmaas) {
1241 setcc(cpu, ZPCI_PCI_LS_ERR);
1242 s390_set_status_code(env, r1, ZPCI_STPCIFC_ST_INVAL_DMAAS);
1243 return 0;
1244 }
1245
1246 if (fiba & 0x7) {
1247 s390_program_interrupt(env, PGM_SPECIFICATION, ra);
1248 return 0;
1249 }
1250
1251 pbdev = s390_pci_find_dev_by_idx(s390_get_phb(), fh & FH_MASK_INDEX);
1252 if (!pbdev) {
1253 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
1254 return 0;
1255 }
1256
1257 memset(&fib, 0, sizeof(fib));
1258
1259 switch (pbdev->state) {
1260 case ZPCI_FS_RESERVED:
1261 case ZPCI_FS_STANDBY:
1262 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
1263 return 0;
1264 case ZPCI_FS_DISABLED:
1265 if (fh & FH_MASK_ENABLE) {
1266 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
1267 return 0;
1268 }
1269 goto out;
1270 /* BLOCKED bit is set to one coincident with the setting of ERROR bit.
1271 * FH Enabled bit is set to one in states of ENABLED, BLOCKED or ERROR. */
1272 case ZPCI_FS_ERROR:
1273 fib.fc |= 0x20;
1274 /* fallthrough */
1275 case ZPCI_FS_BLOCKED:
1276 fib.fc |= 0x40;
1277 /* fallthrough */
1278 case ZPCI_FS_ENABLED:
1279 fib.fc |= 0x80;
1280 if (pbdev->iommu->enabled) {
1281 fib.fc |= 0x10;
1282 }
1283 if (!(fh & FH_MASK_ENABLE)) {
1284 env->regs[r1] |= 1ULL << 63;
1285 }
1286 break;
1287 case ZPCI_FS_PERMANENT_ERROR:
1288 setcc(cpu, ZPCI_PCI_LS_ERR);
1289 s390_set_status_code(env, r1, ZPCI_STPCIFC_ST_PERM_ERROR);
1290 return 0;
1291 }
1292
1293 stq_p(&fib.pba, pbdev->iommu->pba);
1294 stq_p(&fib.pal, pbdev->iommu->pal);
1295 stq_p(&fib.iota, pbdev->iommu->g_iota);
1296 stq_p(&fib.aibv, pbdev->routes.adapter.ind_addr);
1297 stq_p(&fib.aisb, pbdev->routes.adapter.summary_addr);
1298 stq_p(&fib.fmb_addr, pbdev->fmb_addr);
1299
1300 data = ((uint32_t)pbdev->isc << 28) | ((uint32_t)pbdev->noi << 16) |
1301 ((uint32_t)pbdev->routes.adapter.ind_offset << 8) |
1302 ((uint32_t)pbdev->sum << 7) | pbdev->routes.adapter.summary_offset;
1303 stl_p(&fib.data, data);
1304
1305 out:
1306 if (s390_cpu_virt_mem_write(cpu, fiba, ar, (uint8_t *)&fib, sizeof(fib))) {
1307 s390_cpu_virt_mem_handle_exc(cpu, ra);
1308 return 0;
1309 }
1310
1311 setcc(cpu, cc);
1312 return 0;
1313 }
QEmu