2 * QEMU emulation of an Intel IOMMU (VT-d)
3 * (DMA Remapping device)
5 * Copyright (C) 2013 Knut Omang, Oracle <knut.omang@oracle.com>
6 * Copyright (C) 2014 Le Tan, <tamlokveer@gmail.com>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, see <http://www.gnu.org/licenses/>.
21 * Lots of defines copied from kernel/include/linux/intel-iommu.h:
22 * Copyright (C) 2006-2008 Intel Corporation
23 * Author: Ashok Raj <ashok.raj@intel.com>
24 * Author: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
28 #ifndef HW_I386_INTEL_IOMMU_INTERNAL_H
29 #define HW_I386_INTEL_IOMMU_INTERNAL_H
30 #include "hw/i386/intel_iommu.h"
33 * Intel IOMMU register specification
35 #define DMAR_VER_REG 0x0 /* Arch version supported by this IOMMU */
36 #define DMAR_CAP_REG 0x8 /* Hardware supported capabilities */
37 #define DMAR_CAP_REG_HI 0xc /* High 32-bit of DMAR_CAP_REG */
38 #define DMAR_ECAP_REG 0x10 /* Extended capabilities supported */
39 #define DMAR_ECAP_REG_HI 0X14
40 #define DMAR_GCMD_REG 0x18 /* Global command */
41 #define DMAR_GSTS_REG 0x1c /* Global status */
42 #define DMAR_RTADDR_REG 0x20 /* Root entry table */
43 #define DMAR_RTADDR_REG_HI 0X24
44 #define DMAR_CCMD_REG 0x28 /* Context command */
45 #define DMAR_CCMD_REG_HI 0x2c
46 #define DMAR_FSTS_REG 0x34 /* Fault status */
47 #define DMAR_FECTL_REG 0x38 /* Fault control */
48 #define DMAR_FEDATA_REG 0x3c /* Fault event interrupt data */
49 #define DMAR_FEADDR_REG 0x40 /* Fault event interrupt addr */
50 #define DMAR_FEUADDR_REG 0x44 /* Upper address */
51 #define DMAR_AFLOG_REG 0x58 /* Advanced fault control */
52 #define DMAR_AFLOG_REG_HI 0X5c
53 #define DMAR_PMEN_REG 0x64 /* Enable protected memory region */
54 #define DMAR_PLMBASE_REG 0x68 /* PMRR low addr */
55 #define DMAR_PLMLIMIT_REG 0x6c /* PMRR low limit */
56 #define DMAR_PHMBASE_REG 0x70 /* PMRR high base addr */
57 #define DMAR_PHMBASE_REG_HI 0X74
58 #define DMAR_PHMLIMIT_REG 0x78 /* PMRR high limit */
59 #define DMAR_PHMLIMIT_REG_HI 0x7c
60 #define DMAR_IQH_REG 0x80 /* Invalidation queue head */
61 #define DMAR_IQH_REG_HI 0X84
62 #define DMAR_IQT_REG 0x88 /* Invalidation queue tail */
63 #define DMAR_IQT_REG_HI 0X8c
64 #define DMAR_IQA_REG 0x90 /* Invalidation queue addr */
65 #define DMAR_IQA_REG_HI 0x94
66 #define DMAR_ICS_REG 0x9c /* Invalidation complete status */
67 #define DMAR_IRTA_REG 0xb8 /* Interrupt remapping table addr */
68 #define DMAR_IRTA_REG_HI 0xbc
69 #define DMAR_IECTL_REG 0xa0 /* Invalidation event control */
70 #define DMAR_IEDATA_REG 0xa4 /* Invalidation event data */
71 #define DMAR_IEADDR_REG 0xa8 /* Invalidation event address */
72 #define DMAR_IEUADDR_REG 0xac /* Invalidation event address */
73 #define DMAR_PQH_REG 0xc0 /* Page request queue head */
74 #define DMAR_PQH_REG_HI 0xc4
75 #define DMAR_PQT_REG 0xc8 /* Page request queue tail*/
76 #define DMAR_PQT_REG_HI 0xcc
77 #define DMAR_PQA_REG 0xd0 /* Page request queue address */
78 #define DMAR_PQA_REG_HI 0xd4
79 #define DMAR_PRS_REG 0xdc /* Page request status */
80 #define DMAR_PECTL_REG 0xe0 /* Page request event control */
81 #define DMAR_PEDATA_REG 0xe4 /* Page request event data */
82 #define DMAR_PEADDR_REG 0xe8 /* Page request event address */
83 #define DMAR_PEUADDR_REG 0xec /* Page event upper address */
84 #define DMAR_MTRRCAP_REG 0x100 /* MTRR capability */
85 #define DMAR_MTRRCAP_REG_HI 0x104
86 #define DMAR_MTRRDEF_REG 0x108 /* MTRR default type */
87 #define DMAR_MTRRDEF_REG_HI 0x10c
90 #define DMAR_IOTLB_REG_OFFSET 0xf0 /* Offset to the IOTLB registers */
91 #define DMAR_IVA_REG DMAR_IOTLB_REG_OFFSET /* Invalidate address */
92 #define DMAR_IVA_REG_HI (DMAR_IVA_REG + 4)
93 /* IOTLB invalidate register */
94 #define DMAR_IOTLB_REG (DMAR_IOTLB_REG_OFFSET + 0x8)
95 #define DMAR_IOTLB_REG_HI (DMAR_IOTLB_REG + 4)
98 #define DMAR_FRCD_REG_OFFSET 0x220 /* Offset to the fault recording regs */
99 /* NOTICE: If you change the DMAR_FRCD_REG_NR, please remember to change the
100 * DMAR_REG_SIZE in include/hw/i386/intel_iommu.h.
101 * #define DMAR_REG_SIZE (DMAR_FRCD_REG_OFFSET + 16 * DMAR_FRCD_REG_NR)
103 #define DMAR_FRCD_REG_NR 1ULL /* Num of fault recording regs */
105 #define DMAR_FRCD_REG_0_0 0x220 /* The 0th fault recording regs */
106 #define DMAR_FRCD_REG_0_1 0x224
107 #define DMAR_FRCD_REG_0_2 0x228
108 #define DMAR_FRCD_REG_0_3 0x22c
110 /* Interrupt Address Range */
111 #define VTD_INTERRUPT_ADDR_FIRST 0xfee00000ULL
112 #define VTD_INTERRUPT_ADDR_LAST 0xfeefffffULL
113 #define VTD_INTERRUPT_ADDR_SIZE (VTD_INTERRUPT_ADDR_LAST - \
114 VTD_INTERRUPT_ADDR_FIRST + 1)
116 /* The shift of source_id in the key of IOTLB hash table */
117 #define VTD_IOTLB_SID_SHIFT 36
118 #define VTD_IOTLB_LVL_SHIFT 52
119 #define VTD_IOTLB_MAX_SIZE 1024 /* Max size of the hash table */
122 #define VTD_TLB_GLOBAL_FLUSH (1ULL << 60) /* Global invalidation */
123 #define VTD_TLB_DSI_FLUSH (2ULL << 60) /* Domain-selective */
124 #define VTD_TLB_PSI_FLUSH (3ULL << 60) /* Page-selective */
125 #define VTD_TLB_FLUSH_GRANU_MASK (3ULL << 60)
126 #define VTD_TLB_GLOBAL_FLUSH_A (1ULL << 57)
127 #define VTD_TLB_DSI_FLUSH_A (2ULL << 57)
128 #define VTD_TLB_PSI_FLUSH_A (3ULL << 57)
129 #define VTD_TLB_FLUSH_GRANU_MASK_A (3ULL << 57)
130 #define VTD_TLB_IVT (1ULL << 63)
131 #define VTD_TLB_DID(val) (((val) >> 32) & VTD_DOMAIN_ID_MASK)
134 #define VTD_IVA_ADDR(val) ((val) & ~0xfffULL & ((1ULL << VTD_MGAW) - 1))
135 #define VTD_IVA_AM(val) ((val) & 0x3fULL)
138 #define VTD_GCMD_TE (1UL << 31)
139 #define VTD_GCMD_SRTP (1UL << 30)
140 #define VTD_GCMD_SFL (1UL << 29)
141 #define VTD_GCMD_EAFL (1UL << 28)
142 #define VTD_GCMD_WBF (1UL << 27)
143 #define VTD_GCMD_QIE (1UL << 26)
144 #define VTD_GCMD_IRE (1UL << 25)
145 #define VTD_GCMD_SIRTP (1UL << 24)
146 #define VTD_GCMD_CFI (1UL << 23)
149 #define VTD_GSTS_TES (1UL << 31)
150 #define VTD_GSTS_RTPS (1UL << 30)
151 #define VTD_GSTS_FLS (1UL << 29)
152 #define VTD_GSTS_AFLS (1UL << 28)
153 #define VTD_GSTS_WBFS (1UL << 27)
154 #define VTD_GSTS_QIES (1UL << 26)
155 #define VTD_GSTS_IRES (1UL << 25)
156 #define VTD_GSTS_IRTPS (1UL << 24)
157 #define VTD_GSTS_CFIS (1UL << 23)
160 #define VTD_CCMD_ICC (1ULL << 63)
161 #define VTD_CCMD_GLOBAL_INVL (1ULL << 61)
162 #define VTD_CCMD_DOMAIN_INVL (2ULL << 61)
163 #define VTD_CCMD_DEVICE_INVL (3ULL << 61)
164 #define VTD_CCMD_CIRG_MASK (3ULL << 61)
165 #define VTD_CCMD_GLOBAL_INVL_A (1ULL << 59)
166 #define VTD_CCMD_DOMAIN_INVL_A (2ULL << 59)
167 #define VTD_CCMD_DEVICE_INVL_A (3ULL << 59)
168 #define VTD_CCMD_CAIG_MASK (3ULL << 59)
169 #define VTD_CCMD_DID(val) ((val) & VTD_DOMAIN_ID_MASK)
170 #define VTD_CCMD_SID(val) (((val) >> 16) & 0xffffULL)
171 #define VTD_CCMD_FM(val) (((val) >> 32) & 3ULL)
174 #define VTD_RTADDR_RTT (1ULL << 11)
175 #define VTD_RTADDR_ADDR_MASK (VTD_HAW_MASK ^ 0xfffULL)
178 #define VTD_IRTA_ADDR_MASK (VTD_HAW_MASK ^ 0xfffULL)
179 #define VTD_IRTA_EIME (1ULL << 11)
180 #define VTD_IRTA_SIZE_MASK (0xfULL)
183 /* (offset >> 4) << 8 */
184 #define VTD_ECAP_IRO (DMAR_IOTLB_REG_OFFSET << 4)
185 #define VTD_ECAP_QI (1ULL << 1)
186 /* Interrupt Remapping support */
187 #define VTD_ECAP_IR (1ULL << 3)
188 #define VTD_ECAP_EIM (1ULL << 4)
189 #define VTD_ECAP_MHMV (15ULL << 20)
192 /* (offset >> 4) << 24 */
193 #define VTD_CAP_FRO (DMAR_FRCD_REG_OFFSET << 20)
194 #define VTD_CAP_NFR ((DMAR_FRCD_REG_NR - 1) << 40)
195 #define VTD_DOMAIN_ID_SHIFT 16 /* 16-bit domain id for 64K domains */
196 #define VTD_DOMAIN_ID_MASK ((1UL << VTD_DOMAIN_ID_SHIFT) - 1)
197 #define VTD_CAP_ND (((VTD_DOMAIN_ID_SHIFT - 4) / 2) & 7ULL)
198 #define VTD_MGAW 39 /* Maximum Guest Address Width */
199 #define VTD_CAP_MGAW (((VTD_MGAW - 1) & 0x3fULL) << 16)
200 #define VTD_MAMV 18ULL
201 #define VTD_CAP_MAMV (VTD_MAMV << 48)
202 #define VTD_CAP_PSI (1ULL << 39)
203 #define VTD_CAP_SLLPS ((1ULL << 34) | (1ULL << 35))
205 /* Supported Adjusted Guest Address Widths */
206 #define VTD_CAP_SAGAW_SHIFT 8
207 #define VTD_CAP_SAGAW_MASK (0x1fULL << VTD_CAP_SAGAW_SHIFT)
208 /* 39-bit AGAW, 3-level page-table */
209 #define VTD_CAP_SAGAW_39bit (0x2ULL << VTD_CAP_SAGAW_SHIFT)
210 /* 48-bit AGAW, 4-level page-table */
211 #define VTD_CAP_SAGAW_48bit (0x4ULL << VTD_CAP_SAGAW_SHIFT)
212 #define VTD_CAP_SAGAW VTD_CAP_SAGAW_39bit
215 #define VTD_IQT_QT(val) (((val) >> 4) & 0x7fffULL)
218 #define VTD_IQA_IQA_MASK (VTD_HAW_MASK ^ 0xfffULL)
219 #define VTD_IQA_QS 0x7ULL
222 #define VTD_IQH_QH_SHIFT 4
223 #define VTD_IQH_QH_MASK 0x7fff0ULL
226 #define VTD_ICS_IWC 1UL
229 #define VTD_IECTL_IM (1UL << 31)
230 #define VTD_IECTL_IP (1UL << 30)
233 #define VTD_FSTS_FRI_MASK 0xff00UL
234 #define VTD_FSTS_FRI(val) ((((uint32_t)(val)) << 8) & VTD_FSTS_FRI_MASK)
235 #define VTD_FSTS_IQE (1UL << 4)
236 #define VTD_FSTS_PPF (1UL << 1)
237 #define VTD_FSTS_PFO 1UL
240 #define VTD_FECTL_IM (1UL << 31)
241 #define VTD_FECTL_IP (1UL << 30)
243 /* Fault Recording Register */
244 /* For the high 64-bit of 128-bit */
245 #define VTD_FRCD_F (1ULL << 63)
246 #define VTD_FRCD_T (1ULL << 62)
247 #define VTD_FRCD_FR(val) (((val) & 0xffULL) << 32)
248 #define VTD_FRCD_SID_MASK 0xffffULL
249 #define VTD_FRCD_SID(val) ((val) & VTD_FRCD_SID_MASK)
250 /* For the low 64-bit of 128-bit */
251 #define VTD_FRCD_FI(val) ((val) & (((1ULL << VTD_MGAW) - 1) ^ 0xfffULL))
253 /* DMA Remapping Fault Conditions */
254 typedef enum VTDFaultReason
{
255 VTD_FR_RESERVED
= 0, /* Reserved for Advanced Fault logging */
256 VTD_FR_ROOT_ENTRY_P
= 1, /* The Present(P) field of root-entry is 0 */
257 VTD_FR_CONTEXT_ENTRY_P
, /* The Present(P) field of context-entry is 0 */
258 VTD_FR_CONTEXT_ENTRY_INV
, /* Invalid programming of a context-entry */
259 VTD_FR_ADDR_BEYOND_MGAW
, /* Input-address above (2^x-1) */
260 VTD_FR_WRITE
, /* No write permission */
261 VTD_FR_READ
, /* No read permission */
262 /* Fail to access a second-level paging entry (not SL_PML4E) */
263 VTD_FR_PAGING_ENTRY_INV
,
264 VTD_FR_ROOT_TABLE_INV
, /* Fail to access a root-entry */
265 VTD_FR_CONTEXT_TABLE_INV
, /* Fail to access a context-entry */
266 /* Non-zero reserved field in a present root-entry */
267 VTD_FR_ROOT_ENTRY_RSVD
,
268 /* Non-zero reserved field in a present context-entry */
269 VTD_FR_CONTEXT_ENTRY_RSVD
,
270 /* Non-zero reserved field in a second-level paging entry with at lease one
271 * Read(R) and Write(W) or Execute(E) field is Set.
273 VTD_FR_PAGING_ENTRY_RSVD
,
274 /* Translation request or translated request explicitly blocked dut to the
275 * programming of the Translation Type (T) field in the present
278 VTD_FR_CONTEXT_ENTRY_TT
,
280 /* Interrupt remapping transition faults */
281 VTD_FR_IR_REQ_RSVD
= 0x20, /* One or more IR request reserved
283 VTD_FR_IR_INDEX_OVER
= 0x21, /* Index value greater than max */
284 VTD_FR_IR_ENTRY_P
= 0x22, /* Present (P) not set in IRTE */
285 VTD_FR_IR_ROOT_INVAL
= 0x23, /* IR Root table invalid */
286 VTD_FR_IR_IRTE_RSVD
= 0x24, /* IRTE Rsvd field non-zero with
287 * Present flag set */
288 VTD_FR_IR_REQ_COMPAT
= 0x25, /* Encountered compatible IR
289 * request while disabled */
290 VTD_FR_IR_SID_ERR
= 0x26, /* Invalid Source-ID */
292 /* This is not a normal fault reason. We use this to indicate some faults
293 * that are not referenced by the VT-d specification.
294 * Fault event with such reason should not be recorded.
297 VTD_FR_MAX
, /* Guard */
300 #define VTD_CONTEXT_CACHE_GEN_MAX 0xffffffffUL
302 /* Interrupt Entry Cache Invalidation Descriptor: VT-d 6.5.2.7. */
303 struct VTDInvDescIEC
{
304 uint32_t type
:4; /* Should always be 0x4 */
305 uint32_t granularity
:1; /* If set, it's global IR invalidation */
306 uint32_t resved_1
:22;
307 uint32_t index_mask
:5; /* 2^N for continuous int invalidation */
308 uint32_t index
:16; /* Start index to invalidate */
309 uint32_t reserved_2
:16;
311 typedef struct VTDInvDescIEC VTDInvDescIEC
;
313 /* Queued Invalidation Descriptor */
323 typedef union VTDInvDesc VTDInvDesc
;
325 /* Masks for struct VTDInvDesc */
326 #define VTD_INV_DESC_TYPE 0xf
327 #define VTD_INV_DESC_CC 0x1 /* Context-cache Invalidate Desc */
328 #define VTD_INV_DESC_IOTLB 0x2
329 #define VTD_INV_DESC_IEC 0x4 /* Interrupt Entry Cache
330 Invalidate Descriptor */
331 #define VTD_INV_DESC_WAIT 0x5 /* Invalidation Wait Descriptor */
332 #define VTD_INV_DESC_NONE 0 /* Not an Invalidate Descriptor */
334 /* Masks for Invalidation Wait Descriptor*/
335 #define VTD_INV_DESC_WAIT_SW (1ULL << 5)
336 #define VTD_INV_DESC_WAIT_IF (1ULL << 4)
337 #define VTD_INV_DESC_WAIT_FN (1ULL << 6)
338 #define VTD_INV_DESC_WAIT_DATA_SHIFT 32
339 #define VTD_INV_DESC_WAIT_RSVD_LO 0Xffffff80ULL
340 #define VTD_INV_DESC_WAIT_RSVD_HI 3ULL
342 /* Masks for Context-cache Invalidation Descriptor */
343 #define VTD_INV_DESC_CC_G (3ULL << 4)
344 #define VTD_INV_DESC_CC_GLOBAL (1ULL << 4)
345 #define VTD_INV_DESC_CC_DOMAIN (2ULL << 4)
346 #define VTD_INV_DESC_CC_DEVICE (3ULL << 4)
347 #define VTD_INV_DESC_CC_DID(val) (((val) >> 16) & VTD_DOMAIN_ID_MASK)
348 #define VTD_INV_DESC_CC_SID(val) (((val) >> 32) & 0xffffUL)
349 #define VTD_INV_DESC_CC_FM(val) (((val) >> 48) & 3UL)
350 #define VTD_INV_DESC_CC_RSVD 0xfffc00000000ffc0ULL
352 /* Masks for IOTLB Invalidate Descriptor */
353 #define VTD_INV_DESC_IOTLB_G (3ULL << 4)
354 #define VTD_INV_DESC_IOTLB_GLOBAL (1ULL << 4)
355 #define VTD_INV_DESC_IOTLB_DOMAIN (2ULL << 4)
356 #define VTD_INV_DESC_IOTLB_PAGE (3ULL << 4)
357 #define VTD_INV_DESC_IOTLB_DID(val) (((val) >> 16) & VTD_DOMAIN_ID_MASK)
358 #define VTD_INV_DESC_IOTLB_ADDR(val) ((val) & ~0xfffULL & \
359 ((1ULL << VTD_MGAW) - 1))
360 #define VTD_INV_DESC_IOTLB_AM(val) ((val) & 0x3fULL)
361 #define VTD_INV_DESC_IOTLB_RSVD_LO 0xffffffff0000ff00ULL
362 #define VTD_INV_DESC_IOTLB_RSVD_HI 0xf80ULL
364 /* Information about page-selective IOTLB invalidate */
365 struct VTDIOTLBPageInvInfo
{
370 typedef struct VTDIOTLBPageInvInfo VTDIOTLBPageInvInfo
;
372 /* Pagesize of VTD paging structures, including root and context tables */
373 #define VTD_PAGE_SHIFT 12
374 #define VTD_PAGE_SIZE (1ULL << VTD_PAGE_SHIFT)
376 #define VTD_PAGE_SHIFT_4K 12
377 #define VTD_PAGE_MASK_4K (~((1ULL << VTD_PAGE_SHIFT_4K) - 1))
378 #define VTD_PAGE_SHIFT_2M 21
379 #define VTD_PAGE_MASK_2M (~((1ULL << VTD_PAGE_SHIFT_2M) - 1))
380 #define VTD_PAGE_SHIFT_1G 30
381 #define VTD_PAGE_MASK_1G (~((1ULL << VTD_PAGE_SHIFT_1G) - 1))
383 struct VTDRootEntry
{
387 typedef struct VTDRootEntry VTDRootEntry
;
389 /* Masks for struct VTDRootEntry */
390 #define VTD_ROOT_ENTRY_P 1ULL
391 #define VTD_ROOT_ENTRY_CTP (~0xfffULL)
393 #define VTD_ROOT_ENTRY_NR (VTD_PAGE_SIZE / sizeof(VTDRootEntry))
394 #define VTD_ROOT_ENTRY_RSVD (0xffeULL | ~VTD_HAW_MASK)
396 /* Masks for struct VTDContextEntry */
398 #define VTD_CONTEXT_ENTRY_P (1ULL << 0)
399 #define VTD_CONTEXT_ENTRY_FPD (1ULL << 1) /* Fault Processing Disable */
400 #define VTD_CONTEXT_ENTRY_TT (3ULL << 2) /* Translation Type */
401 #define VTD_CONTEXT_TT_MULTI_LEVEL 0
402 #define VTD_CONTEXT_TT_DEV_IOTLB 1
403 #define VTD_CONTEXT_TT_PASS_THROUGH 2
404 /* Second Level Page Translation Pointer*/
405 #define VTD_CONTEXT_ENTRY_SLPTPTR (~0xfffULL)
406 #define VTD_CONTEXT_ENTRY_RSVD_LO (0xff0ULL | ~VTD_HAW_MASK)
408 #define VTD_CONTEXT_ENTRY_AW 7ULL /* Adjusted guest-address-width */
409 #define VTD_CONTEXT_ENTRY_DID(val) (((val) >> 8) & VTD_DOMAIN_ID_MASK)
410 #define VTD_CONTEXT_ENTRY_RSVD_HI 0xffffffffff000080ULL
412 #define VTD_CONTEXT_ENTRY_NR (VTD_PAGE_SIZE / sizeof(VTDContextEntry))
414 /* Paging Structure common */
415 #define VTD_SL_PT_PAGE_SIZE_MASK (1ULL << 7)
416 /* Bits to decide the offset for each level */
417 #define VTD_SL_LEVEL_BITS 9
419 /* Second Level Paging Structure */
420 #define VTD_SL_PML4_LEVEL 4
421 #define VTD_SL_PDP_LEVEL 3
422 #define VTD_SL_PD_LEVEL 2
423 #define VTD_SL_PT_LEVEL 1
424 #define VTD_SL_PT_ENTRY_NR 512
426 /* Masks for Second Level Paging Entry */
427 #define VTD_SL_RW_MASK 3ULL
428 #define VTD_SL_R 1ULL
429 #define VTD_SL_W (1ULL << 1)
430 #define VTD_SL_PT_BASE_ADDR_MASK (~(VTD_PAGE_SIZE - 1) & VTD_HAW_MASK)
431 #define VTD_SL_IGN_COM 0xbff0000000000000ULL