search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tests: add test to check VirtQueue object
[qemu/ar7.git] / hw / intc / arm_gic.c
blob5a0e2a3c1abcce71f8ee34e4fa716a5fc5262d84
1 /*
2 * ARM Generic/Distributed Interrupt Controller
3 *
4 * Copyright (c) 2006-2007 CodeSourcery.
5 * Written by Paul Brook
6 *
7 * This code is licensed under the GPL.
8 */
9
10 /* This file contains implementation code for the RealView EB interrupt
11 * controller, MPCore distributed interrupt controller and ARMv7-M
12 * Nested Vectored Interrupt Controller.
13 * It is compiled in two ways:
14 * (1) as a standalone file to produce a sysbus device which is a GIC
15 * that can be used on the realview board and as one of the builtin
16 * private peripherals for the ARM MP CPUs (11MPCore, A9, etc)
17 * (2) by being directly #included into armv7m_nvic.c to produce the
18 * armv7m_nvic device.
19 */
20
21 #include "qemu/osdep.h"
22 #include "hw/sysbus.h"
23 #include "gic_internal.h"
24 #include "qapi/error.h"
25 #include "qom/cpu.h"
26 #include "qemu/log.h"
27 #include "trace.h"
28 #include "sysemu/kvm.h"
29
30 /* #define DEBUG_GIC */
31
32 #ifdef DEBUG_GIC
33 #define DEBUG_GIC_GATE 1
34 #else
35 #define DEBUG_GIC_GATE 0
36 #endif
37
38 #define DPRINTF(fmt, ...) do { \
39 if (DEBUG_GIC_GATE) { \
40 fprintf(stderr, "%s: " fmt, __func__, ## __VA_ARGS__); \
41 } \
42 } while (0)
43
44 static const uint8_t gic_id_11mpcore[] = {
45 0x00, 0x00, 0x00, 0x00, 0x90, 0x13, 0x04, 0x00, 0x0d, 0xf0, 0x05, 0xb1
46 };
47
48 static const uint8_t gic_id_gicv1[] = {
49 0x04, 0x00, 0x00, 0x00, 0x90, 0xb3, 0x1b, 0x00, 0x0d, 0xf0, 0x05, 0xb1
50 };
51
52 static const uint8_t gic_id_gicv2[] = {
53 0x04, 0x00, 0x00, 0x00, 0x90, 0xb4, 0x2b, 0x00, 0x0d, 0xf0, 0x05, 0xb1
54 };
55
56 static inline int gic_get_current_cpu(GICState *s)
57 {
58 if (s->num_cpu > 1) {
59 return current_cpu->cpu_index;
60 }
61 return 0;
62 }
63
64 /* Return true if this GIC config has interrupt groups, which is
65 * true if we're a GICv2, or a GICv1 with the security extensions.
66 */
67 static inline bool gic_has_groups(GICState *s)
68 {
69 return s->revision == 2 || s->security_extn;
70 }
71
72 /* TODO: Many places that call this routine could be optimized. */
73 /* Update interrupt status after enabled or pending bits have been changed. */
74 void gic_update(GICState *s)
75 {
76 int best_irq;
77 int best_prio;
78 int irq;
79 int irq_level, fiq_level;
80 int cpu;
81 int cm;
82
83 for (cpu = 0; cpu < s->num_cpu; cpu++) {
84 cm = 1 << cpu;
85 s->current_pending[cpu] = 1023;
86 if (!(s->ctlr & (GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1))
87 || !(s->cpu_ctlr[cpu] & (GICC_CTLR_EN_GRP0 | GICC_CTLR_EN_GRP1))) {
88 qemu_irq_lower(s->parent_irq[cpu]);
89 qemu_irq_lower(s->parent_fiq[cpu]);
90 continue;
91 }
92 best_prio = 0x100;
93 best_irq = 1023;
94 for (irq = 0; irq < s->num_irq; irq++) {
95 if (GIC_TEST_ENABLED(irq, cm) && gic_test_pending(s, irq, cm) &&
96 (irq < GIC_INTERNAL || GIC_TARGET(irq) & cm)) {
97 if (GIC_GET_PRIORITY(irq, cpu) < best_prio) {
98 best_prio = GIC_GET_PRIORITY(irq, cpu);
99 best_irq = irq;
100 }
101 }
102 }
103
104 if (best_irq != 1023) {
105 trace_gic_update_bestirq(cpu, best_irq, best_prio,
106 s->priority_mask[cpu], s->running_priority[cpu]);
107 }
108
109 irq_level = fiq_level = 0;
110
111 if (best_prio < s->priority_mask[cpu]) {
112 s->current_pending[cpu] = best_irq;
113 if (best_prio < s->running_priority[cpu]) {
114 int group = GIC_TEST_GROUP(best_irq, cm);
115
116 if (extract32(s->ctlr, group, 1) &&
117 extract32(s->cpu_ctlr[cpu], group, 1)) {
118 if (group == 0 && s->cpu_ctlr[cpu] & GICC_CTLR_FIQ_EN) {
119 DPRINTF("Raised pending FIQ %d (cpu %d)\n",
120 best_irq, cpu);
121 fiq_level = 1;
122 trace_gic_update_set_irq(cpu, "fiq", fiq_level);
123 } else {
124 DPRINTF("Raised pending IRQ %d (cpu %d)\n",
125 best_irq, cpu);
126 irq_level = 1;
127 trace_gic_update_set_irq(cpu, "irq", irq_level);
128 }
129 }
130 }
131 }
132
133 qemu_set_irq(s->parent_irq[cpu], irq_level);
134 qemu_set_irq(s->parent_fiq[cpu], fiq_level);
135 }
136 }
137
138 void gic_set_pending_private(GICState *s, int cpu, int irq)
139 {
140 int cm = 1 << cpu;
141
142 if (gic_test_pending(s, irq, cm)) {
143 return;
144 }
145
146 DPRINTF("Set %d pending cpu %d\n", irq, cpu);
147 GIC_SET_PENDING(irq, cm);
148 gic_update(s);
149 }
150
151 static void gic_set_irq_11mpcore(GICState *s, int irq, int level,
152 int cm, int target)
153 {
154 if (level) {
155 GIC_SET_LEVEL(irq, cm);
156 if (GIC_TEST_EDGE_TRIGGER(irq) || GIC_TEST_ENABLED(irq, cm)) {
157 DPRINTF("Set %d pending mask %x\n", irq, target);
158 GIC_SET_PENDING(irq, target);
159 }
160 } else {
161 GIC_CLEAR_LEVEL(irq, cm);
162 }
163 }
164
165 static void gic_set_irq_generic(GICState *s, int irq, int level,
166 int cm, int target)
167 {
168 if (level) {
169 GIC_SET_LEVEL(irq, cm);
170 DPRINTF("Set %d pending mask %x\n", irq, target);
171 if (GIC_TEST_EDGE_TRIGGER(irq)) {
172 GIC_SET_PENDING(irq, target);
173 }
174 } else {
175 GIC_CLEAR_LEVEL(irq, cm);
176 }
177 }
178
179 /* Process a change in an external IRQ input. */
180 static void gic_set_irq(void *opaque, int irq, int level)
181 {
182 /* Meaning of the 'irq' parameter:
183 * [0..N-1] : external interrupts
184 * [N..N+31] : PPI (internal) interrupts for CPU 0
185 * [N+32..N+63] : PPI (internal interrupts for CPU 1
186 * ...
187 */
188 GICState *s = (GICState *)opaque;
189 int cm, target;
190 if (irq < (s->num_irq - GIC_INTERNAL)) {
191 /* The first external input line is internal interrupt 32. */
192 cm = ALL_CPU_MASK;
193 irq += GIC_INTERNAL;
194 target = GIC_TARGET(irq);
195 } else {
196 int cpu;
197 irq -= (s->num_irq - GIC_INTERNAL);
198 cpu = irq / GIC_INTERNAL;
199 irq %= GIC_INTERNAL;
200 cm = 1 << cpu;
201 target = cm;
202 }
203
204 assert(irq >= GIC_NR_SGIS);
205
206 if (level == GIC_TEST_LEVEL(irq, cm)) {
207 return;
208 }
209
210 if (s->revision == REV_11MPCORE) {
211 gic_set_irq_11mpcore(s, irq, level, cm, target);
212 } else {
213 gic_set_irq_generic(s, irq, level, cm, target);
214 }
215 trace_gic_set_irq(irq, level, cm, target);
216
217 gic_update(s);
218 }
219
220 static uint16_t gic_get_current_pending_irq(GICState *s, int cpu,
221 MemTxAttrs attrs)
222 {
223 uint16_t pending_irq = s->current_pending[cpu];
224
225 if (pending_irq < GIC_MAXIRQ && gic_has_groups(s)) {
226 int group = GIC_TEST_GROUP(pending_irq, (1 << cpu));
227 /* On a GIC without the security extensions, reading this register
228 * behaves in the same way as a secure access to a GIC with them.
229 */
230 bool secure = !s->security_extn || attrs.secure;
231
232 if (group == 0 && !secure) {
233 /* Group0 interrupts hidden from Non-secure access */
234 return 1023;
235 }
236 if (group == 1 && secure && !(s->cpu_ctlr[cpu] & GICC_CTLR_ACK_CTL)) {
237 /* Group1 interrupts only seen by Secure access if
238 * AckCtl bit set.
239 */
240 return 1022;
241 }
242 }
243 return pending_irq;
244 }
245
246 static int gic_get_group_priority(GICState *s, int cpu, int irq)
247 {
248 /* Return the group priority of the specified interrupt
249 * (which is the top bits of its priority, with the number
250 * of bits masked determined by the applicable binary point register).
251 */
252 int bpr;
253 uint32_t mask;
254
255 if (gic_has_groups(s) &&
256 !(s->cpu_ctlr[cpu] & GICC_CTLR_CBPR) &&
257 GIC_TEST_GROUP(irq, (1 << cpu))) {
258 bpr = s->abpr[cpu];
259 } else {
260 bpr = s->bpr[cpu];
261 }
262
263 /* a BPR of 0 means the group priority bits are [7:1];
264 * a BPR of 1 means they are [7:2], and so on down to
265 * a BPR of 7 meaning no group priority bits at all.
266 */
267 mask = ~0U << ((bpr & 7) + 1);
268
269 return GIC_GET_PRIORITY(irq, cpu) & mask;
270 }
271
272 static void gic_activate_irq(GICState *s, int cpu, int irq)
273 {
274 /* Set the appropriate Active Priority Register bit for this IRQ,
275 * and update the running priority.
276 */
277 int prio = gic_get_group_priority(s, cpu, irq);
278 int preemption_level = prio >> (GIC_MIN_BPR + 1);
279 int regno = preemption_level / 32;
280 int bitno = preemption_level % 32;
281
282 if (gic_has_groups(s) && GIC_TEST_GROUP(irq, (1 << cpu))) {
283 s->nsapr[regno][cpu] |= (1 << bitno);
284 } else {
285 s->apr[regno][cpu] |= (1 << bitno);
286 }
287
288 s->running_priority[cpu] = prio;
289 GIC_SET_ACTIVE(irq, 1 << cpu);
290 }
291
292 static int gic_get_prio_from_apr_bits(GICState *s, int cpu)
293 {
294 /* Recalculate the current running priority for this CPU based
295 * on the set bits in the Active Priority Registers.
296 */
297 int i;
298 for (i = 0; i < GIC_NR_APRS; i++) {
299 uint32_t apr = s->apr[i][cpu] | s->nsapr[i][cpu];
300 if (!apr) {
301 continue;
302 }
303 return (i * 32 + ctz32(apr)) << (GIC_MIN_BPR + 1);
304 }
305 return 0x100;
306 }
307
308 static void gic_drop_prio(GICState *s, int cpu, int group)
309 {
310 /* Drop the priority of the currently active interrupt in the
311 * specified group.
312 *
313 * Note that we can guarantee (because of the requirement to nest
314 * GICC_IAR reads [which activate an interrupt and raise priority]
315 * with GICC_EOIR writes [which drop the priority for the interrupt])
316 * that the interrupt we're being called for is the highest priority
317 * active interrupt, meaning that it has the lowest set bit in the
318 * APR registers.
319 *
320 * If the guest does not honour the ordering constraints then the
321 * behaviour of the GIC is UNPREDICTABLE, which for us means that
322 * the values of the APR registers might become incorrect and the
323 * running priority will be wrong, so interrupts that should preempt
324 * might not do so, and interrupts that should not preempt might do so.
325 */
326 int i;
327
328 for (i = 0; i < GIC_NR_APRS; i++) {
329 uint32_t *papr = group ? &s->nsapr[i][cpu] : &s->apr[i][cpu];
330 if (!*papr) {
331 continue;
332 }
333 /* Clear lowest set bit */
334 *papr &= *papr - 1;
335 break;
336 }
337
338 s->running_priority[cpu] = gic_get_prio_from_apr_bits(s, cpu);
339 }
340
341 uint32_t gic_acknowledge_irq(GICState *s, int cpu, MemTxAttrs attrs)
342 {
343 int ret, irq, src;
344 int cm = 1 << cpu;
345
346 /* gic_get_current_pending_irq() will return 1022 or 1023 appropriately
347 * for the case where this GIC supports grouping and the pending interrupt
348 * is in the wrong group.
349 */
350 irq = gic_get_current_pending_irq(s, cpu, attrs);
351 trace_gic_acknowledge_irq(cpu, irq);
352
353 if (irq >= GIC_MAXIRQ) {
354 DPRINTF("ACK, no pending interrupt or it is hidden: %d\n", irq);
355 return irq;
356 }
357
358 if (GIC_GET_PRIORITY(irq, cpu) >= s->running_priority[cpu]) {
359 DPRINTF("ACK, pending interrupt (%d) has insufficient priority\n", irq);
360 return 1023;
361 }
362
363 if (s->revision == REV_11MPCORE) {
364 /* Clear pending flags for both level and edge triggered interrupts.
365 * Level triggered IRQs will be reasserted once they become inactive.
366 */
367 GIC_CLEAR_PENDING(irq, GIC_TEST_MODEL(irq) ? ALL_CPU_MASK : cm);
368 ret = irq;
369 } else {
370 if (irq < GIC_NR_SGIS) {
371 /* Lookup the source CPU for the SGI and clear this in the
372 * sgi_pending map. Return the src and clear the overall pending
373 * state on this CPU if the SGI is not pending from any CPUs.
374 */
375 assert(s->sgi_pending[irq][cpu] != 0);
376 src = ctz32(s->sgi_pending[irq][cpu]);
377 s->sgi_pending[irq][cpu] &= ~(1 << src);
378 if (s->sgi_pending[irq][cpu] == 0) {
379 GIC_CLEAR_PENDING(irq, GIC_TEST_MODEL(irq) ? ALL_CPU_MASK : cm);
380 }
381 ret = irq | ((src & 0x7) << 10);
382 } else {
383 /* Clear pending state for both level and edge triggered
384 * interrupts. (level triggered interrupts with an active line
385 * remain pending, see gic_test_pending)
386 */
387 GIC_CLEAR_PENDING(irq, GIC_TEST_MODEL(irq) ? ALL_CPU_MASK : cm);
388 ret = irq;
389 }
390 }
391
392 gic_activate_irq(s, cpu, irq);
393 gic_update(s);
394 DPRINTF("ACK %d\n", irq);
395 return ret;
396 }
397
398 void gic_set_priority(GICState *s, int cpu, int irq, uint8_t val,
399 MemTxAttrs attrs)
400 {
401 if (s->security_extn && !attrs.secure) {
402 if (!GIC_TEST_GROUP(irq, (1 << cpu))) {
403 return; /* Ignore Non-secure access of Group0 IRQ */
404 }
405 val = 0x80 | (val >> 1); /* Non-secure view */
406 }
407
408 if (irq < GIC_INTERNAL) {
409 s->priority1[irq][cpu] = val;
410 } else {
411 s->priority2[(irq) - GIC_INTERNAL] = val;
412 }
413 }
414
415 static uint32_t gic_get_priority(GICState *s, int cpu, int irq,
416 MemTxAttrs attrs)
417 {
418 uint32_t prio = GIC_GET_PRIORITY(irq, cpu);
419
420 if (s->security_extn && !attrs.secure) {
421 if (!GIC_TEST_GROUP(irq, (1 << cpu))) {
422 return 0; /* Non-secure access cannot read priority of Group0 IRQ */
423 }
424 prio = (prio << 1) & 0xff; /* Non-secure view */
425 }
426 return prio;
427 }
428
429 static void gic_set_priority_mask(GICState *s, int cpu, uint8_t pmask,
430 MemTxAttrs attrs)
431 {
432 if (s->security_extn && !attrs.secure) {
433 if (s->priority_mask[cpu] & 0x80) {
434 /* Priority Mask in upper half */
435 pmask = 0x80 | (pmask >> 1);
436 } else {
437 /* Non-secure write ignored if priority mask is in lower half */
438 return;
439 }
440 }
441 s->priority_mask[cpu] = pmask;
442 }
443
444 static uint32_t gic_get_priority_mask(GICState *s, int cpu, MemTxAttrs attrs)
445 {
446 uint32_t pmask = s->priority_mask[cpu];
447
448 if (s->security_extn && !attrs.secure) {
449 if (pmask & 0x80) {
450 /* Priority Mask in upper half, return Non-secure view */
451 pmask = (pmask << 1) & 0xff;
452 } else {
453 /* Priority Mask in lower half, RAZ */
454 pmask = 0;
455 }
456 }
457 return pmask;
458 }
459
460 static uint32_t gic_get_cpu_control(GICState *s, int cpu, MemTxAttrs attrs)
461 {
462 uint32_t ret = s->cpu_ctlr[cpu];
463
464 if (s->security_extn && !attrs.secure) {
465 /* Construct the NS banked view of GICC_CTLR from the correct
466 * bits of the S banked view. We don't need to move the bypass
467 * control bits because we don't implement that (IMPDEF) part
468 * of the GIC architecture.
469 */
470 ret = (ret & (GICC_CTLR_EN_GRP1 | GICC_CTLR_EOIMODE_NS)) >> 1;
471 }
472 return ret;
473 }
474
475 static void gic_set_cpu_control(GICState *s, int cpu, uint32_t value,
476 MemTxAttrs attrs)
477 {
478 uint32_t mask;
479
480 if (s->security_extn && !attrs.secure) {
481 /* The NS view can only write certain bits in the register;
482 * the rest are unchanged
483 */
484 mask = GICC_CTLR_EN_GRP1;
485 if (s->revision == 2) {
486 mask |= GICC_CTLR_EOIMODE_NS;
487 }
488 s->cpu_ctlr[cpu] &= ~mask;
489 s->cpu_ctlr[cpu] |= (value << 1) & mask;
490 } else {
491 if (s->revision == 2) {
492 mask = s->security_extn ? GICC_CTLR_V2_S_MASK : GICC_CTLR_V2_MASK;
493 } else {
494 mask = s->security_extn ? GICC_CTLR_V1_S_MASK : GICC_CTLR_V1_MASK;
495 }
496 s->cpu_ctlr[cpu] = value & mask;
497 }
498 DPRINTF("CPU Interface %d: Group0 Interrupts %sabled, "
499 "Group1 Interrupts %sabled\n", cpu,
500 (s->cpu_ctlr[cpu] & GICC_CTLR_EN_GRP0) ? "En" : "Dis",
501 (s->cpu_ctlr[cpu] & GICC_CTLR_EN_GRP1) ? "En" : "Dis");
502 }
503
504 static uint8_t gic_get_running_priority(GICState *s, int cpu, MemTxAttrs attrs)
505 {
506 if (s->security_extn && !attrs.secure) {
507 if (s->running_priority[cpu] & 0x80) {
508 /* Running priority in upper half of range: return the Non-secure
509 * view of the priority.
510 */
511 return s->running_priority[cpu] << 1;
512 } else {
513 /* Running priority in lower half of range: RAZ */
514 return 0;
515 }
516 } else {
517 return s->running_priority[cpu];
518 }
519 }
520
521 /* Return true if we should split priority drop and interrupt deactivation,
522 * ie whether the relevant EOIMode bit is set.
523 */
524 static bool gic_eoi_split(GICState *s, int cpu, MemTxAttrs attrs)
525 {
526 if (s->revision != 2) {
527 /* Before GICv2 prio-drop and deactivate are not separable */
528 return false;
529 }
530 if (s->security_extn && !attrs.secure) {
531 return s->cpu_ctlr[cpu] & GICC_CTLR_EOIMODE_NS;
532 }
533 return s->cpu_ctlr[cpu] & GICC_CTLR_EOIMODE;
534 }
535
536 static void gic_deactivate_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
537 {
538 int cm = 1 << cpu;
539 int group = gic_has_groups(s) && GIC_TEST_GROUP(irq, cm);
540
541 if (!gic_eoi_split(s, cpu, attrs)) {
542 /* This is UNPREDICTABLE; we choose to ignore it */
543 qemu_log_mask(LOG_GUEST_ERROR,
544 "gic_deactivate_irq: GICC_DIR write when EOIMode clear");
545 return;
546 }
547
548 if (s->security_extn && !attrs.secure && !group) {
549 DPRINTF("Non-secure DI for Group0 interrupt %d ignored\n", irq);
550 return;
551 }
552
553 GIC_CLEAR_ACTIVE(irq, cm);
554 }
555
556 void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
557 {
558 int cm = 1 << cpu;
559 int group;
560
561 DPRINTF("EOI %d\n", irq);
562 if (irq >= s->num_irq) {
563 /* This handles two cases:
564 * 1. If software writes the ID of a spurious interrupt [ie 1023]
565 * to the GICC_EOIR, the GIC ignores that write.
566 * 2. If software writes the number of a non-existent interrupt
567 * this must be a subcase of "value written does not match the last
568 * valid interrupt value read from the Interrupt Acknowledge
569 * register" and so this is UNPREDICTABLE. We choose to ignore it.
570 */
571 return;
572 }
573 if (s->running_priority[cpu] == 0x100) {
574 return; /* No active IRQ. */
575 }
576
577 if (s->revision == REV_11MPCORE) {
578 /* Mark level triggered interrupts as pending if they are still
579 raised. */
580 if (!GIC_TEST_EDGE_TRIGGER(irq) && GIC_TEST_ENABLED(irq, cm)
581 && GIC_TEST_LEVEL(irq, cm) && (GIC_TARGET(irq) & cm) != 0) {
582 DPRINTF("Set %d pending mask %x\n", irq, cm);
583 GIC_SET_PENDING(irq, cm);
584 }
585 }
586
587 group = gic_has_groups(s) && GIC_TEST_GROUP(irq, cm);
588
589 if (s->security_extn && !attrs.secure && !group) {
590 DPRINTF("Non-secure EOI for Group0 interrupt %d ignored\n", irq);
591 return;
592 }
593
594 /* Secure EOI with GICC_CTLR.AckCtl == 0 when the IRQ is a Group 1
595 * interrupt is UNPREDICTABLE. We choose to handle it as if AckCtl == 1,
596 * i.e. go ahead and complete the irq anyway.
597 */
598
599 gic_drop_prio(s, cpu, group);
600
601 /* In GICv2 the guest can choose to split priority-drop and deactivate */
602 if (!gic_eoi_split(s, cpu, attrs)) {
603 GIC_CLEAR_ACTIVE(irq, cm);
604 }
605 gic_update(s);
606 }
607
608 static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
609 {
610 GICState *s = (GICState *)opaque;
611 uint32_t res;
612 int irq;
613 int i;
614 int cpu;
615 int cm;
616 int mask;
617
618 cpu = gic_get_current_cpu(s);
619 cm = 1 << cpu;
620 if (offset < 0x100) {
621 if (offset == 0) { /* GICD_CTLR */
622 if (s->security_extn && !attrs.secure) {
623 /* The NS bank of this register is just an alias of the
624 * EnableGrp1 bit in the S bank version.
625 */
626 return extract32(s->ctlr, 1, 1);
627 } else {
628 return s->ctlr;
629 }
630 }
631 if (offset == 4)
632 /* Interrupt Controller Type Register */
633 return ((s->num_irq / 32) - 1)
634 | ((s->num_cpu - 1) << 5)
635 | (s->security_extn << 10);
636 if (offset < 0x08)
637 return 0;
638 if (offset >= 0x80) {
639 /* Interrupt Group Registers: these RAZ/WI if this is an NS
640 * access to a GIC with the security extensions, or if the GIC
641 * doesn't have groups at all.
642 */
643 res = 0;
644 if (!(s->security_extn && !attrs.secure) && gic_has_groups(s)) {
645 /* Every byte offset holds 8 group status bits */
646 irq = (offset - 0x080) * 8 + GIC_BASE_IRQ;
647 if (irq >= s->num_irq) {
648 goto bad_reg;
649 }
650 for (i = 0; i < 8; i++) {
651 if (GIC_TEST_GROUP(irq + i, cm)) {
652 res |= (1 << i);
653 }
654 }
655 }
656 return res;
657 }
658 goto bad_reg;
659 } else if (offset < 0x200) {
660 /* Interrupt Set/Clear Enable. */
661 if (offset < 0x180)
662 irq = (offset - 0x100) * 8;
663 else
664 irq = (offset - 0x180) * 8;
665 irq += GIC_BASE_IRQ;
666 if (irq >= s->num_irq)
667 goto bad_reg;
668 res = 0;
669 for (i = 0; i < 8; i++) {
670 if (s->security_extn && !attrs.secure &&
671 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
672 continue; /* Ignore Non-secure access of Group0 IRQ */
673 }
674
675 if (GIC_TEST_ENABLED(irq + i, cm)) {
676 res |= (1 << i);
677 }
678 }
679 } else if (offset < 0x300) {
680 /* Interrupt Set/Clear Pending. */
681 if (offset < 0x280)
682 irq = (offset - 0x200) * 8;
683 else
684 irq = (offset - 0x280) * 8;
685 irq += GIC_BASE_IRQ;
686 if (irq >= s->num_irq)
687 goto bad_reg;
688 res = 0;
689 mask = (irq < GIC_INTERNAL) ? cm : ALL_CPU_MASK;
690 for (i = 0; i < 8; i++) {
691 if (s->security_extn && !attrs.secure &&
692 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
693 continue; /* Ignore Non-secure access of Group0 IRQ */
694 }
695
696 if (gic_test_pending(s, irq + i, mask)) {
697 res |= (1 << i);
698 }
699 }
700 } else if (offset < 0x400) {
701 /* Interrupt Active. */
702 irq = (offset - 0x300) * 8 + GIC_BASE_IRQ;
703 if (irq >= s->num_irq)
704 goto bad_reg;
705 res = 0;
706 mask = (irq < GIC_INTERNAL) ? cm : ALL_CPU_MASK;
707 for (i = 0; i < 8; i++) {
708 if (s->security_extn && !attrs.secure &&
709 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
710 continue; /* Ignore Non-secure access of Group0 IRQ */
711 }
712
713 if (GIC_TEST_ACTIVE(irq + i, mask)) {
714 res |= (1 << i);
715 }
716 }
717 } else if (offset < 0x800) {
718 /* Interrupt Priority. */
719 irq = (offset - 0x400) + GIC_BASE_IRQ;
720 if (irq >= s->num_irq)
721 goto bad_reg;
722 res = gic_get_priority(s, cpu, irq, attrs);
723 } else if (offset < 0xc00) {
724 /* Interrupt CPU Target. */
725 if (s->num_cpu == 1 && s->revision != REV_11MPCORE) {
726 /* For uniprocessor GICs these RAZ/WI */
727 res = 0;
728 } else {
729 irq = (offset - 0x800) + GIC_BASE_IRQ;
730 if (irq >= s->num_irq) {
731 goto bad_reg;
732 }
733 if (irq >= 29 && irq <= 31) {
734 res = cm;
735 } else {
736 res = GIC_TARGET(irq);
737 }
738 }
739 } else if (offset < 0xf00) {
740 /* Interrupt Configuration. */
741 irq = (offset - 0xc00) * 4 + GIC_BASE_IRQ;
742 if (irq >= s->num_irq)
743 goto bad_reg;
744 res = 0;
745 for (i = 0; i < 4; i++) {
746 if (s->security_extn && !attrs.secure &&
747 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
748 continue; /* Ignore Non-secure access of Group0 IRQ */
749 }
750
751 if (GIC_TEST_MODEL(irq + i))
752 res |= (1 << (i * 2));
753 if (GIC_TEST_EDGE_TRIGGER(irq + i))
754 res |= (2 << (i * 2));
755 }
756 } else if (offset < 0xf10) {
757 goto bad_reg;
758 } else if (offset < 0xf30) {
759 if (s->revision == REV_11MPCORE) {
760 goto bad_reg;
761 }
762
763 if (offset < 0xf20) {
764 /* GICD_CPENDSGIRn */
765 irq = (offset - 0xf10);
766 } else {
767 irq = (offset - 0xf20);
768 /* GICD_SPENDSGIRn */
769 }
770
771 if (s->security_extn && !attrs.secure &&
772 !GIC_TEST_GROUP(irq, 1 << cpu)) {
773 res = 0; /* Ignore Non-secure access of Group0 IRQ */
774 } else {
775 res = s->sgi_pending[irq][cpu];
776 }
777 } else if (offset < 0xfd0) {
778 goto bad_reg;
779 } else if (offset < 0x1000) {
780 if (offset & 3) {
781 res = 0;
782 } else {
783 switch (s->revision) {
784 case REV_11MPCORE:
785 res = gic_id_11mpcore[(offset - 0xfd0) >> 2];
786 break;
787 case 1:
788 res = gic_id_gicv1[(offset - 0xfd0) >> 2];
789 break;
790 case 2:
791 res = gic_id_gicv2[(offset - 0xfd0) >> 2];
792 break;
793 default:
794 res = 0;
795 }
796 }
797 } else {
798 g_assert_not_reached();
799 }
800 return res;
801 bad_reg:
802 qemu_log_mask(LOG_GUEST_ERROR,
803 "gic_dist_readb: Bad offset %x\n", (int)offset);
804 return 0;
805 }
806
807 static MemTxResult gic_dist_read(void *opaque, hwaddr offset, uint64_t *data,
808 unsigned size, MemTxAttrs attrs)
809 {
810 switch (size) {
811 case 1:
812 *data = gic_dist_readb(opaque, offset, attrs);
813 return MEMTX_OK;
814 case 2:
815 *data = gic_dist_readb(opaque, offset, attrs);
816 *data |= gic_dist_readb(opaque, offset + 1, attrs) << 8;
817 return MEMTX_OK;
818 case 4:
819 *data = gic_dist_readb(opaque, offset, attrs);
820 *data |= gic_dist_readb(opaque, offset + 1, attrs) << 8;
821 *data |= gic_dist_readb(opaque, offset + 2, attrs) << 16;
822 *data |= gic_dist_readb(opaque, offset + 3, attrs) << 24;
823 return MEMTX_OK;
824 default:
825 return MEMTX_ERROR;
826 }
827 }
828
829 static void gic_dist_writeb(void *opaque, hwaddr offset,
830 uint32_t value, MemTxAttrs attrs)
831 {
832 GICState *s = (GICState *)opaque;
833 int irq;
834 int i;
835 int cpu;
836
837 cpu = gic_get_current_cpu(s);
838 if (offset < 0x100) {
839 if (offset == 0) {
840 if (s->security_extn && !attrs.secure) {
841 /* NS version is just an alias of the S version's bit 1 */
842 s->ctlr = deposit32(s->ctlr, 1, 1, value);
843 } else if (gic_has_groups(s)) {
844 s->ctlr = value & (GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1);
845 } else {
846 s->ctlr = value & GICD_CTLR_EN_GRP0;
847 }
848 DPRINTF("Distributor: Group0 %sabled; Group 1 %sabled\n",
849 s->ctlr & GICD_CTLR_EN_GRP0 ? "En" : "Dis",
850 s->ctlr & GICD_CTLR_EN_GRP1 ? "En" : "Dis");
851 } else if (offset < 4) {
852 /* ignored. */
853 } else if (offset >= 0x80) {
854 /* Interrupt Group Registers: RAZ/WI for NS access to secure
855 * GIC, or for GICs without groups.
856 */
857 if (!(s->security_extn && !attrs.secure) && gic_has_groups(s)) {
858 /* Every byte offset holds 8 group status bits */
859 irq = (offset - 0x80) * 8 + GIC_BASE_IRQ;
860 if (irq >= s->num_irq) {
861 goto bad_reg;
862 }
863 for (i = 0; i < 8; i++) {
864 /* Group bits are banked for private interrupts */
865 int cm = (irq < GIC_INTERNAL) ? (1 << cpu) : ALL_CPU_MASK;
866 if (value & (1 << i)) {
867 /* Group1 (Non-secure) */
868 GIC_SET_GROUP(irq + i, cm);
869 } else {
870 /* Group0 (Secure) */
871 GIC_CLEAR_GROUP(irq + i, cm);
872 }
873 }
874 }
875 } else {
876 goto bad_reg;
877 }
878 } else if (offset < 0x180) {
879 /* Interrupt Set Enable. */
880 irq = (offset - 0x100) * 8 + GIC_BASE_IRQ;
881 if (irq >= s->num_irq)
882 goto bad_reg;
883 if (irq < GIC_NR_SGIS) {
884 value = 0xff;
885 }
886
887 for (i = 0; i < 8; i++) {
888 if (value & (1 << i)) {
889 int mask =
890 (irq < GIC_INTERNAL) ? (1 << cpu) : GIC_TARGET(irq + i);
891 int cm = (irq < GIC_INTERNAL) ? (1 << cpu) : ALL_CPU_MASK;
892
893 if (s->security_extn && !attrs.secure &&
894 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
895 continue; /* Ignore Non-secure access of Group0 IRQ */
896 }
897
898 if (!GIC_TEST_ENABLED(irq + i, cm)) {
899 DPRINTF("Enabled IRQ %d\n", irq + i);
900 trace_gic_enable_irq(irq + i);
901 }
902 GIC_SET_ENABLED(irq + i, cm);
903 /* If a raised level triggered IRQ enabled then mark
904 is as pending. */
905 if (GIC_TEST_LEVEL(irq + i, mask)
906 && !GIC_TEST_EDGE_TRIGGER(irq + i)) {
907 DPRINTF("Set %d pending mask %x\n", irq + i, mask);
908 GIC_SET_PENDING(irq + i, mask);
909 }
910 }
911 }
912 } else if (offset < 0x200) {
913 /* Interrupt Clear Enable. */
914 irq = (offset - 0x180) * 8 + GIC_BASE_IRQ;
915 if (irq >= s->num_irq)
916 goto bad_reg;
917 if (irq < GIC_NR_SGIS) {
918 value = 0;
919 }
920
921 for (i = 0; i < 8; i++) {
922 if (value & (1 << i)) {
923 int cm = (irq < GIC_INTERNAL) ? (1 << cpu) : ALL_CPU_MASK;
924
925 if (s->security_extn && !attrs.secure &&
926 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
927 continue; /* Ignore Non-secure access of Group0 IRQ */
928 }
929
930 if (GIC_TEST_ENABLED(irq + i, cm)) {
931 DPRINTF("Disabled IRQ %d\n", irq + i);
932 trace_gic_disable_irq(irq + i);
933 }
934 GIC_CLEAR_ENABLED(irq + i, cm);
935 }
936 }
937 } else if (offset < 0x280) {
938 /* Interrupt Set Pending. */
939 irq = (offset - 0x200) * 8 + GIC_BASE_IRQ;
940 if (irq >= s->num_irq)
941 goto bad_reg;
942 if (irq < GIC_NR_SGIS) {
943 value = 0;
944 }
945
946 for (i = 0; i < 8; i++) {
947 if (value & (1 << i)) {
948 if (s->security_extn && !attrs.secure &&
949 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
950 continue; /* Ignore Non-secure access of Group0 IRQ */
951 }
952
953 GIC_SET_PENDING(irq + i, GIC_TARGET(irq + i));
954 }
955 }
956 } else if (offset < 0x300) {
957 /* Interrupt Clear Pending. */
958 irq = (offset - 0x280) * 8 + GIC_BASE_IRQ;
959 if (irq >= s->num_irq)
960 goto bad_reg;
961 if (irq < GIC_NR_SGIS) {
962 value = 0;
963 }
964
965 for (i = 0; i < 8; i++) {
966 if (s->security_extn && !attrs.secure &&
967 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
968 continue; /* Ignore Non-secure access of Group0 IRQ */
969 }
970
971 /* ??? This currently clears the pending bit for all CPUs, even
972 for per-CPU interrupts. It's unclear whether this is the
973 corect behavior. */
974 if (value & (1 << i)) {
975 GIC_CLEAR_PENDING(irq + i, ALL_CPU_MASK);
976 }
977 }
978 } else if (offset < 0x400) {
979 /* Interrupt Active. */
980 goto bad_reg;
981 } else if (offset < 0x800) {
982 /* Interrupt Priority. */
983 irq = (offset - 0x400) + GIC_BASE_IRQ;
984 if (irq >= s->num_irq)
985 goto bad_reg;
986 gic_set_priority(s, cpu, irq, value, attrs);
987 } else if (offset < 0xc00) {
988 /* Interrupt CPU Target. RAZ/WI on uniprocessor GICs, with the
989 * annoying exception of the 11MPCore's GIC.
990 */
991 if (s->num_cpu != 1 || s->revision == REV_11MPCORE) {
992 irq = (offset - 0x800) + GIC_BASE_IRQ;
993 if (irq >= s->num_irq) {
994 goto bad_reg;
995 }
996 if (irq < 29) {
997 value = 0;
998 } else if (irq < GIC_INTERNAL) {
999 value = ALL_CPU_MASK;
1000 }
1001 s->irq_target[irq] = value & ALL_CPU_MASK;
1002 }
1003 } else if (offset < 0xf00) {
1004 /* Interrupt Configuration. */
1005 irq = (offset - 0xc00) * 4 + GIC_BASE_IRQ;
1006 if (irq >= s->num_irq)
1007 goto bad_reg;
1008 if (irq < GIC_NR_SGIS)
1009 value |= 0xaa;
1010 for (i = 0; i < 4; i++) {
1011 if (s->security_extn && !attrs.secure &&
1012 !GIC_TEST_GROUP(irq + i, 1 << cpu)) {
1013 continue; /* Ignore Non-secure access of Group0 IRQ */
1014 }
1015
1016 if (s->revision == REV_11MPCORE) {
1017 if (value & (1 << (i * 2))) {
1018 GIC_SET_MODEL(irq + i);
1019 } else {
1020 GIC_CLEAR_MODEL(irq + i);
1021 }
1022 }
1023 if (value & (2 << (i * 2))) {
1024 GIC_SET_EDGE_TRIGGER(irq + i);
1025 } else {
1026 GIC_CLEAR_EDGE_TRIGGER(irq + i);
1027 }
1028 }
1029 } else if (offset < 0xf10) {
1030 /* 0xf00 is only handled for 32-bit writes. */
1031 goto bad_reg;
1032 } else if (offset < 0xf20) {
1033 /* GICD_CPENDSGIRn */
1034 if (s->revision == REV_11MPCORE) {
1035 goto bad_reg;
1036 }
1037 irq = (offset - 0xf10);
1038
1039 if (!s->security_extn || attrs.secure ||
1040 GIC_TEST_GROUP(irq, 1 << cpu)) {
1041 s->sgi_pending[irq][cpu] &= ~value;
1042 if (s->sgi_pending[irq][cpu] == 0) {
1043 GIC_CLEAR_PENDING(irq, 1 << cpu);
1044 }
1045 }
1046 } else if (offset < 0xf30) {
1047 /* GICD_SPENDSGIRn */
1048 if (s->revision == REV_11MPCORE) {
1049 goto bad_reg;
1050 }
1051 irq = (offset - 0xf20);
1052
1053 if (!s->security_extn || attrs.secure ||
1054 GIC_TEST_GROUP(irq, 1 << cpu)) {
1055 GIC_SET_PENDING(irq, 1 << cpu);
1056 s->sgi_pending[irq][cpu] |= value;
1057 }
1058 } else {
1059 goto bad_reg;
1060 }
1061 gic_update(s);
1062 return;
1063 bad_reg:
1064 qemu_log_mask(LOG_GUEST_ERROR,
1065 "gic_dist_writeb: Bad offset %x\n", (int)offset);
1066 }
1067
1068 static void gic_dist_writew(void *opaque, hwaddr offset,
1069 uint32_t value, MemTxAttrs attrs)
1070 {
1071 gic_dist_writeb(opaque, offset, value & 0xff, attrs);
1072 gic_dist_writeb(opaque, offset + 1, value >> 8, attrs);
1073 }
1074
1075 static void gic_dist_writel(void *opaque, hwaddr offset,
1076 uint32_t value, MemTxAttrs attrs)
1077 {
1078 GICState *s = (GICState *)opaque;
1079 if (offset == 0xf00) {
1080 int cpu;
1081 int irq;
1082 int mask;
1083 int target_cpu;
1084
1085 cpu = gic_get_current_cpu(s);
1086 irq = value & 0x3ff;
1087 switch ((value >> 24) & 3) {
1088 case 0:
1089 mask = (value >> 16) & ALL_CPU_MASK;
1090 break;
1091 case 1:
1092 mask = ALL_CPU_MASK ^ (1 << cpu);
1093 break;
1094 case 2:
1095 mask = 1 << cpu;
1096 break;
1097 default:
1098 DPRINTF("Bad Soft Int target filter\n");
1099 mask = ALL_CPU_MASK;
1100 break;
1101 }
1102 GIC_SET_PENDING(irq, mask);
1103 target_cpu = ctz32(mask);
1104 while (target_cpu < GIC_NCPU) {
1105 s->sgi_pending[irq][target_cpu] |= (1 << cpu);
1106 mask &= ~(1 << target_cpu);
1107 target_cpu = ctz32(mask);
1108 }
1109 gic_update(s);
1110 return;
1111 }
1112 gic_dist_writew(opaque, offset, value & 0xffff, attrs);
1113 gic_dist_writew(opaque, offset + 2, value >> 16, attrs);
1114 }
1115
1116 static MemTxResult gic_dist_write(void *opaque, hwaddr offset, uint64_t data,
1117 unsigned size, MemTxAttrs attrs)
1118 {
1119 switch (size) {
1120 case 1:
1121 gic_dist_writeb(opaque, offset, data, attrs);
1122 return MEMTX_OK;
1123 case 2:
1124 gic_dist_writew(opaque, offset, data, attrs);
1125 return MEMTX_OK;
1126 case 4:
1127 gic_dist_writel(opaque, offset, data, attrs);
1128 return MEMTX_OK;
1129 default:
1130 return MEMTX_ERROR;
1131 }
1132 }
1133
1134 static inline uint32_t gic_apr_ns_view(GICState *s, int cpu, int regno)
1135 {
1136 /* Return the Nonsecure view of GICC_APR<regno>. This is the
1137 * second half of GICC_NSAPR.
1138 */
1139 switch (GIC_MIN_BPR) {
1140 case 0:
1141 if (regno < 2) {
1142 return s->nsapr[regno + 2][cpu];
1143 }
1144 break;
1145 case 1:
1146 if (regno == 0) {
1147 return s->nsapr[regno + 1][cpu];
1148 }
1149 break;
1150 case 2:
1151 if (regno == 0) {
1152 return extract32(s->nsapr[0][cpu], 16, 16);
1153 }
1154 break;
1155 case 3:
1156 if (regno == 0) {
1157 return extract32(s->nsapr[0][cpu], 8, 8);
1158 }
1159 break;
1160 default:
1161 g_assert_not_reached();
1162 }
1163 return 0;
1164 }
1165
1166 static inline void gic_apr_write_ns_view(GICState *s, int cpu, int regno,
1167 uint32_t value)
1168 {
1169 /* Write the Nonsecure view of GICC_APR<regno>. */
1170 switch (GIC_MIN_BPR) {
1171 case 0:
1172 if (regno < 2) {
1173 s->nsapr[regno + 2][cpu] = value;
1174 }
1175 break;
1176 case 1:
1177 if (regno == 0) {
1178 s->nsapr[regno + 1][cpu] = value;
1179 }
1180 break;
1181 case 2:
1182 if (regno == 0) {
1183 s->nsapr[0][cpu] = deposit32(s->nsapr[0][cpu], 16, 16, value);
1184 }
1185 break;
1186 case 3:
1187 if (regno == 0) {
1188 s->nsapr[0][cpu] = deposit32(s->nsapr[0][cpu], 8, 8, value);
1189 }
1190 break;
1191 default:
1192 g_assert_not_reached();
1193 }
1194 }
1195
1196 static MemTxResult gic_cpu_read(GICState *s, int cpu, int offset,
1197 uint64_t *data, MemTxAttrs attrs)
1198 {
1199 switch (offset) {
1200 case 0x00: /* Control */
1201 *data = gic_get_cpu_control(s, cpu, attrs);
1202 break;
1203 case 0x04: /* Priority mask */
1204 *data = gic_get_priority_mask(s, cpu, attrs);
1205 break;
1206 case 0x08: /* Binary Point */
1207 if (s->security_extn && !attrs.secure) {
1208 /* BPR is banked. Non-secure copy stored in ABPR. */
1209 *data = s->abpr[cpu];
1210 } else {
1211 *data = s->bpr[cpu];
1212 }
1213 break;
1214 case 0x0c: /* Acknowledge */
1215 *data = gic_acknowledge_irq(s, cpu, attrs);
1216 break;
1217 case 0x14: /* Running Priority */
1218 *data = gic_get_running_priority(s, cpu, attrs);
1219 break;
1220 case 0x18: /* Highest Pending Interrupt */
1221 *data = gic_get_current_pending_irq(s, cpu, attrs);
1222 break;
1223 case 0x1c: /* Aliased Binary Point */
1224 /* GIC v2, no security: ABPR
1225 * GIC v1, no security: not implemented (RAZ/WI)
1226 * With security extensions, secure access: ABPR (alias of NS BPR)
1227 * With security extensions, nonsecure access: RAZ/WI
1228 */
1229 if (!gic_has_groups(s) || (s->security_extn && !attrs.secure)) {
1230 *data = 0;
1231 } else {
1232 *data = s->abpr[cpu];
1233 }
1234 break;
1235 case 0xd0: case 0xd4: case 0xd8: case 0xdc:
1236 {
1237 int regno = (offset - 0xd0) / 4;
1238
1239 if (regno >= GIC_NR_APRS || s->revision != 2) {
1240 *data = 0;
1241 } else if (s->security_extn && !attrs.secure) {
1242 /* NS view of GICC_APR<n> is the top half of GIC_NSAPR<n> */
1243 *data = gic_apr_ns_view(s, regno, cpu);
1244 } else {
1245 *data = s->apr[regno][cpu];
1246 }
1247 break;
1248 }
1249 case 0xe0: case 0xe4: case 0xe8: case 0xec:
1250 {
1251 int regno = (offset - 0xe0) / 4;
1252
1253 if (regno >= GIC_NR_APRS || s->revision != 2 || !gic_has_groups(s) ||
1254 (s->security_extn && !attrs.secure)) {
1255 *data = 0;
1256 } else {
1257 *data = s->nsapr[regno][cpu];
1258 }
1259 break;
1260 }
1261 default:
1262 qemu_log_mask(LOG_GUEST_ERROR,
1263 "gic_cpu_read: Bad offset %x\n", (int)offset);
1264 return MEMTX_ERROR;
1265 }
1266 return MEMTX_OK;
1267 }
1268
1269 static MemTxResult gic_cpu_write(GICState *s, int cpu, int offset,
1270 uint32_t value, MemTxAttrs attrs)
1271 {
1272 switch (offset) {
1273 case 0x00: /* Control */
1274 gic_set_cpu_control(s, cpu, value, attrs);
1275 break;
1276 case 0x04: /* Priority mask */
1277 gic_set_priority_mask(s, cpu, value, attrs);
1278 break;
1279 case 0x08: /* Binary Point */
1280 if (s->security_extn && !attrs.secure) {
1281 s->abpr[cpu] = MAX(value & 0x7, GIC_MIN_ABPR);
1282 } else {
1283 s->bpr[cpu] = MAX(value & 0x7, GIC_MIN_BPR);
1284 }
1285 break;
1286 case 0x10: /* End Of Interrupt */
1287 gic_complete_irq(s, cpu, value & 0x3ff, attrs);
1288 return MEMTX_OK;
1289 case 0x1c: /* Aliased Binary Point */
1290 if (!gic_has_groups(s) || (s->security_extn && !attrs.secure)) {
1291 /* unimplemented, or NS access: RAZ/WI */
1292 return MEMTX_OK;
1293 } else {
1294 s->abpr[cpu] = MAX(value & 0x7, GIC_MIN_ABPR);
1295 }
1296 break;
1297 case 0xd0: case 0xd4: case 0xd8: case 0xdc:
1298 {
1299 int regno = (offset - 0xd0) / 4;
1300
1301 if (regno >= GIC_NR_APRS || s->revision != 2) {
1302 return MEMTX_OK;
1303 }
1304 if (s->security_extn && !attrs.secure) {
1305 /* NS view of GICC_APR<n> is the top half of GIC_NSAPR<n> */
1306 gic_apr_write_ns_view(s, regno, cpu, value);
1307 } else {
1308 s->apr[regno][cpu] = value;
1309 }
1310 break;
1311 }
1312 case 0xe0: case 0xe4: case 0xe8: case 0xec:
1313 {
1314 int regno = (offset - 0xe0) / 4;
1315
1316 if (regno >= GIC_NR_APRS || s->revision != 2) {
1317 return MEMTX_OK;
1318 }
1319 if (!gic_has_groups(s) || (s->security_extn && !attrs.secure)) {
1320 return MEMTX_OK;
1321 }
1322 s->nsapr[regno][cpu] = value;
1323 break;
1324 }
1325 case 0x1000:
1326 /* GICC_DIR */
1327 gic_deactivate_irq(s, cpu, value & 0x3ff, attrs);
1328 break;
1329 default:
1330 qemu_log_mask(LOG_GUEST_ERROR,
1331 "gic_cpu_write: Bad offset %x\n", (int)offset);
1332 return MEMTX_ERROR;
1333 }
1334 gic_update(s);
1335 return MEMTX_OK;
1336 }
1337
1338 /* Wrappers to read/write the GIC CPU interface for the current CPU */
1339 static MemTxResult gic_thiscpu_read(void *opaque, hwaddr addr, uint64_t *data,
1340 unsigned size, MemTxAttrs attrs)
1341 {
1342 GICState *s = (GICState *)opaque;
1343 return gic_cpu_read(s, gic_get_current_cpu(s), addr, data, attrs);
1344 }
1345
1346 static MemTxResult gic_thiscpu_write(void *opaque, hwaddr addr,
1347 uint64_t value, unsigned size,
1348 MemTxAttrs attrs)
1349 {
1350 GICState *s = (GICState *)opaque;
1351 return gic_cpu_write(s, gic_get_current_cpu(s), addr, value, attrs);
1352 }
1353
1354 /* Wrappers to read/write the GIC CPU interface for a specific CPU.
1355 * These just decode the opaque pointer into GICState* + cpu id.
1356 */
1357 static MemTxResult gic_do_cpu_read(void *opaque, hwaddr addr, uint64_t *data,
1358 unsigned size, MemTxAttrs attrs)
1359 {
1360 GICState **backref = (GICState **)opaque;
1361 GICState *s = *backref;
1362 int id = (backref - s->backref);
1363 return gic_cpu_read(s, id, addr, data, attrs);
1364 }
1365
1366 static MemTxResult gic_do_cpu_write(void *opaque, hwaddr addr,
1367 uint64_t value, unsigned size,
1368 MemTxAttrs attrs)
1369 {
1370 GICState **backref = (GICState **)opaque;
1371 GICState *s = *backref;
1372 int id = (backref - s->backref);
1373 return gic_cpu_write(s, id, addr, value, attrs);
1374 }
1375
1376 static const MemoryRegionOps gic_ops[2] = {
1377 {
1378 .read_with_attrs = gic_dist_read,
1379 .write_with_attrs = gic_dist_write,
1380 .endianness = DEVICE_NATIVE_ENDIAN,
1381 },
1382 {
1383 .read_with_attrs = gic_thiscpu_read,
1384 .write_with_attrs = gic_thiscpu_write,
1385 .endianness = DEVICE_NATIVE_ENDIAN,
1386 }
1387 };
1388
1389 static const MemoryRegionOps gic_cpu_ops = {
1390 .read_with_attrs = gic_do_cpu_read,
1391 .write_with_attrs = gic_do_cpu_write,
1392 .endianness = DEVICE_NATIVE_ENDIAN,
1393 };
1394
1395 /* This function is used by nvic model */
1396 void gic_init_irqs_and_distributor(GICState *s)
1397 {
1398 gic_init_irqs_and_mmio(s, gic_set_irq, gic_ops);
1399 }
1400
1401 static void arm_gic_realize(DeviceState *dev, Error **errp)
1402 {
1403 /* Device instance realize function for the GIC sysbus device */
1404 int i;
1405 GICState *s = ARM_GIC(dev);
1406 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
1407 ARMGICClass *agc = ARM_GIC_GET_CLASS(s);
1408 Error *local_err = NULL;
1409
1410 agc->parent_realize(dev, &local_err);
1411 if (local_err) {
1412 error_propagate(errp, local_err);
1413 return;
1414 }
1415
1416 if (kvm_enabled() && !kvm_arm_supports_user_irq()) {
1417 error_setg(errp, "KVM with user space irqchip only works when the "
1418 "host kernel supports KVM_CAP_ARM_USER_IRQ");
1419 return;
1420 }
1421
1422 /* This creates distributor and main CPU interface (s->cpuiomem[0]) */
1423 gic_init_irqs_and_mmio(s, gic_set_irq, gic_ops);
1424
1425 /* Extra core-specific regions for the CPU interfaces. This is
1426 * necessary for "franken-GIC" implementations, for example on
1427 * Exynos 4.
1428 * NB that the memory region size of 0x100 applies for the 11MPCore
1429 * and also cores following the GIC v1 spec (ie A9).
1430 * GIC v2 defines a larger memory region (0x1000) so this will need
1431 * to be extended when we implement A15.
1432 */
1433 for (i = 0; i < s->num_cpu; i++) {
1434 s->backref[i] = s;
1435 memory_region_init_io(&s->cpuiomem[i+1], OBJECT(s), &gic_cpu_ops,
1436 &s->backref[i], "gic_cpu", 0x100);
1437 sysbus_init_mmio(sbd, &s->cpuiomem[i+1]);
1438 }
1439 }
1440
1441 static void arm_gic_class_init(ObjectClass *klass, void *data)
1442 {
1443 DeviceClass *dc = DEVICE_CLASS(klass);
1444 ARMGICClass *agc = ARM_GIC_CLASS(klass);
1445
1446 agc->parent_realize = dc->realize;
1447 dc->realize = arm_gic_realize;
1448 }
1449
1450 static const TypeInfo arm_gic_info = {
1451 .name = TYPE_ARM_GIC,
1452 .parent = TYPE_ARM_GIC_COMMON,
1453 .instance_size = sizeof(GICState),
1454 .class_init = arm_gic_class_init,
1455 .class_size = sizeof(ARMGICClass),
1456 };
1457
1458 static void arm_gic_register_types(void)
1459 {
1460 type_register_static(&arm_gic_info);
1461 }
1462
1463 type_init(arm_gic_register_types)
AR7 emulation for QEMU