search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
spapr_pci: fix irq leak in RTAS ibm,change-msi
[qemu/ar7.git] / hw / ppc / spapr_pci.c
blob9b2b546b541c17e20cf00ac4dbf35918cd4eef94
1 /*
2 * QEMU sPAPR PCI host originated from Uninorth PCI host
3 *
4 * Copyright (c) 2011 Alexey Kardashevskiy, IBM Corporation.
5 * Copyright (C) 2011 David Gibson, IBM Corporation.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "qemu/osdep.h"
26 #include "hw/hw.h"
27 #include "hw/sysbus.h"
28 #include "hw/pci/pci.h"
29 #include "hw/pci/msi.h"
30 #include "hw/pci/msix.h"
31 #include "hw/pci/pci_host.h"
32 #include "hw/ppc/spapr.h"
33 #include "hw/pci-host/spapr.h"
34 #include "exec/address-spaces.h"
35 #include <libfdt.h>
36 #include "trace.h"
37 #include "qemu/error-report.h"
38 #include "qapi/qmp/qerror.h"
39
40 #include "hw/pci/pci_bridge.h"
41 #include "hw/pci/pci_bus.h"
42 #include "hw/ppc/spapr_drc.h"
43 #include "sysemu/device_tree.h"
44
45 /* Copied from the kernel arch/powerpc/platforms/pseries/msi.c */
46 #define RTAS_QUERY_FN 0
47 #define RTAS_CHANGE_FN 1
48 #define RTAS_RESET_FN 2
49 #define RTAS_CHANGE_MSI_FN 3
50 #define RTAS_CHANGE_MSIX_FN 4
51
52 /* Interrupt types to return on RTAS_CHANGE_* */
53 #define RTAS_TYPE_MSI 1
54 #define RTAS_TYPE_MSIX 2
55
56 #define FDT_NAME_MAX 128
57
58 #define _FDT(exp) \
59 do { \
60 int ret = (exp); \
61 if (ret < 0) { \
62 return ret; \
63 } \
64 } while (0)
65
66 sPAPRPHBState *spapr_pci_find_phb(sPAPRMachineState *spapr, uint64_t buid)
67 {
68 sPAPRPHBState *sphb;
69
70 QLIST_FOREACH(sphb, &spapr->phbs, list) {
71 if (sphb->buid != buid) {
72 continue;
73 }
74 return sphb;
75 }
76
77 return NULL;
78 }
79
80 PCIDevice *spapr_pci_find_dev(sPAPRMachineState *spapr, uint64_t buid,
81 uint32_t config_addr)
82 {
83 sPAPRPHBState *sphb = spapr_pci_find_phb(spapr, buid);
84 PCIHostState *phb = PCI_HOST_BRIDGE(sphb);
85 int bus_num = (config_addr >> 16) & 0xFF;
86 int devfn = (config_addr >> 8) & 0xFF;
87
88 if (!phb) {
89 return NULL;
90 }
91
92 return pci_find_device(phb->bus, bus_num, devfn);
93 }
94
95 static uint32_t rtas_pci_cfgaddr(uint32_t arg)
96 {
97 /* This handles the encoding of extended config space addresses */
98 return ((arg >> 20) & 0xf00) | (arg & 0xff);
99 }
100
101 static void finish_read_pci_config(sPAPRMachineState *spapr, uint64_t buid,
102 uint32_t addr, uint32_t size,
103 target_ulong rets)
104 {
105 PCIDevice *pci_dev;
106 uint32_t val;
107
108 if ((size != 1) && (size != 2) && (size != 4)) {
109 /* access must be 1, 2 or 4 bytes */
110 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
111 return;
112 }
113
114 pci_dev = spapr_pci_find_dev(spapr, buid, addr);
115 addr = rtas_pci_cfgaddr(addr);
116
117 if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) {
118 /* Access must be to a valid device, within bounds and
119 * naturally aligned */
120 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
121 return;
122 }
123
124 val = pci_host_config_read_common(pci_dev, addr,
125 pci_config_size(pci_dev), size);
126
127 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
128 rtas_st(rets, 1, val);
129 }
130
131 static void rtas_ibm_read_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
132 uint32_t token, uint32_t nargs,
133 target_ulong args,
134 uint32_t nret, target_ulong rets)
135 {
136 uint64_t buid;
137 uint32_t size, addr;
138
139 if ((nargs != 4) || (nret != 2)) {
140 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
141 return;
142 }
143
144 buid = rtas_ldq(args, 1);
145 size = rtas_ld(args, 3);
146 addr = rtas_ld(args, 0);
147
148 finish_read_pci_config(spapr, buid, addr, size, rets);
149 }
150
151 static void rtas_read_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
152 uint32_t token, uint32_t nargs,
153 target_ulong args,
154 uint32_t nret, target_ulong rets)
155 {
156 uint32_t size, addr;
157
158 if ((nargs != 2) || (nret != 2)) {
159 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
160 return;
161 }
162
163 size = rtas_ld(args, 1);
164 addr = rtas_ld(args, 0);
165
166 finish_read_pci_config(spapr, 0, addr, size, rets);
167 }
168
169 static void finish_write_pci_config(sPAPRMachineState *spapr, uint64_t buid,
170 uint32_t addr, uint32_t size,
171 uint32_t val, target_ulong rets)
172 {
173 PCIDevice *pci_dev;
174
175 if ((size != 1) && (size != 2) && (size != 4)) {
176 /* access must be 1, 2 or 4 bytes */
177 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
178 return;
179 }
180
181 pci_dev = spapr_pci_find_dev(spapr, buid, addr);
182 addr = rtas_pci_cfgaddr(addr);
183
184 if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) {
185 /* Access must be to a valid device, within bounds and
186 * naturally aligned */
187 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
188 return;
189 }
190
191 pci_host_config_write_common(pci_dev, addr, pci_config_size(pci_dev),
192 val, size);
193
194 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
195 }
196
197 static void rtas_ibm_write_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
198 uint32_t token, uint32_t nargs,
199 target_ulong args,
200 uint32_t nret, target_ulong rets)
201 {
202 uint64_t buid;
203 uint32_t val, size, addr;
204
205 if ((nargs != 5) || (nret != 1)) {
206 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
207 return;
208 }
209
210 buid = rtas_ldq(args, 1);
211 val = rtas_ld(args, 4);
212 size = rtas_ld(args, 3);
213 addr = rtas_ld(args, 0);
214
215 finish_write_pci_config(spapr, buid, addr, size, val, rets);
216 }
217
218 static void rtas_write_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
219 uint32_t token, uint32_t nargs,
220 target_ulong args,
221 uint32_t nret, target_ulong rets)
222 {
223 uint32_t val, size, addr;
224
225 if ((nargs != 3) || (nret != 1)) {
226 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
227 return;
228 }
229
230
231 val = rtas_ld(args, 2);
232 size = rtas_ld(args, 1);
233 addr = rtas_ld(args, 0);
234
235 finish_write_pci_config(spapr, 0, addr, size, val, rets);
236 }
237
238 /*
239 * Set MSI/MSIX message data.
240 * This is required for msi_notify()/msix_notify() which
241 * will write at the addresses via spapr_msi_write().
242 *
243 * If hwaddr == 0, all entries will have .data == first_irq i.e.
244 * table will be reset.
245 */
246 static void spapr_msi_setmsg(PCIDevice *pdev, hwaddr addr, bool msix,
247 unsigned first_irq, unsigned req_num)
248 {
249 unsigned i;
250 MSIMessage msg = { .address = addr, .data = first_irq };
251
252 if (!msix) {
253 msi_set_message(pdev, msg);
254 trace_spapr_pci_msi_setup(pdev->name, 0, msg.address);
255 return;
256 }
257
258 for (i = 0; i < req_num; ++i) {
259 msix_set_message(pdev, i, msg);
260 trace_spapr_pci_msi_setup(pdev->name, i, msg.address);
261 if (addr) {
262 ++msg.data;
263 }
264 }
265 }
266
267 static void rtas_ibm_change_msi(PowerPCCPU *cpu, sPAPRMachineState *spapr,
268 uint32_t token, uint32_t nargs,
269 target_ulong args, uint32_t nret,
270 target_ulong rets)
271 {
272 uint32_t config_addr = rtas_ld(args, 0);
273 uint64_t buid = rtas_ldq(args, 1);
274 unsigned int func = rtas_ld(args, 3);
275 unsigned int req_num = rtas_ld(args, 4); /* 0 == remove all */
276 unsigned int seq_num = rtas_ld(args, 5);
277 unsigned int ret_intr_type;
278 unsigned int irq, max_irqs = 0;
279 sPAPRPHBState *phb = NULL;
280 PCIDevice *pdev = NULL;
281 spapr_pci_msi *msi;
282 int *config_addr_key;
283
284 switch (func) {
285 case RTAS_CHANGE_MSI_FN:
286 case RTAS_CHANGE_FN:
287 ret_intr_type = RTAS_TYPE_MSI;
288 break;
289 case RTAS_CHANGE_MSIX_FN:
290 ret_intr_type = RTAS_TYPE_MSIX;
291 break;
292 default:
293 error_report("rtas_ibm_change_msi(%u) is not implemented", func);
294 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
295 return;
296 }
297
298 /* Fins sPAPRPHBState */
299 phb = spapr_pci_find_phb(spapr, buid);
300 if (phb) {
301 pdev = spapr_pci_find_dev(spapr, buid, config_addr);
302 }
303 if (!phb || !pdev) {
304 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
305 return;
306 }
307
308 msi = (spapr_pci_msi *) g_hash_table_lookup(phb->msi, &config_addr);
309
310 /* Releasing MSIs */
311 if (!req_num) {
312 if (!msi) {
313 trace_spapr_pci_msi("Releasing wrong config", config_addr);
314 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
315 return;
316 }
317
318 xics_free(spapr->icp, msi->first_irq, msi->num);
319 if (msi_present(pdev)) {
320 spapr_msi_setmsg(pdev, 0, false, 0, 0);
321 }
322 if (msix_present(pdev)) {
323 spapr_msi_setmsg(pdev, 0, true, 0, 0);
324 }
325 g_hash_table_remove(phb->msi, &config_addr);
326
327 trace_spapr_pci_msi("Released MSIs", config_addr);
328 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
329 rtas_st(rets, 1, 0);
330 return;
331 }
332
333 /* Enabling MSI */
334
335 /* Check if the device supports as many IRQs as requested */
336 if (ret_intr_type == RTAS_TYPE_MSI) {
337 max_irqs = msi_nr_vectors_allocated(pdev);
338 } else if (ret_intr_type == RTAS_TYPE_MSIX) {
339 max_irqs = pdev->msix_entries_nr;
340 }
341 if (!max_irqs) {
342 error_report("Requested interrupt type %d is not enabled for device %x",
343 ret_intr_type, config_addr);
344 rtas_st(rets, 0, -1); /* Hardware error */
345 return;
346 }
347 /* Correct the number if the guest asked for too many */
348 if (req_num > max_irqs) {
349 trace_spapr_pci_msi_retry(config_addr, req_num, max_irqs);
350 req_num = max_irqs;
351 irq = 0; /* to avoid misleading trace */
352 goto out;
353 }
354
355 /* Allocate MSIs */
356 irq = xics_alloc_block(spapr->icp, 0, req_num, false,
357 ret_intr_type == RTAS_TYPE_MSI);
358 if (!irq) {
359 error_report("Cannot allocate MSIs for device %x", config_addr);
360 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
361 return;
362 }
363
364 /* Release previous MSIs */
365 if (msi) {
366 xics_free(spapr->icp, msi->first_irq, msi->num);
367 g_hash_table_remove(phb->msi, &config_addr);
368 }
369
370 /* Setup MSI/MSIX vectors in the device (via cfgspace or MSIX BAR) */
371 spapr_msi_setmsg(pdev, SPAPR_PCI_MSI_WINDOW, ret_intr_type == RTAS_TYPE_MSIX,
372 irq, req_num);
373
374 /* Add MSI device to cache */
375 msi = g_new(spapr_pci_msi, 1);
376 msi->first_irq = irq;
377 msi->num = req_num;
378 config_addr_key = g_new(int, 1);
379 *config_addr_key = config_addr;
380 g_hash_table_insert(phb->msi, config_addr_key, msi);
381
382 out:
383 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
384 rtas_st(rets, 1, req_num);
385 rtas_st(rets, 2, ++seq_num);
386 if (nret > 3) {
387 rtas_st(rets, 3, ret_intr_type);
388 }
389
390 trace_spapr_pci_rtas_ibm_change_msi(config_addr, func, req_num, irq);
391 }
392
393 static void rtas_ibm_query_interrupt_source_number(PowerPCCPU *cpu,
394 sPAPRMachineState *spapr,
395 uint32_t token,
396 uint32_t nargs,
397 target_ulong args,
398 uint32_t nret,
399 target_ulong rets)
400 {
401 uint32_t config_addr = rtas_ld(args, 0);
402 uint64_t buid = rtas_ldq(args, 1);
403 unsigned int intr_src_num = -1, ioa_intr_num = rtas_ld(args, 3);
404 sPAPRPHBState *phb = NULL;
405 PCIDevice *pdev = NULL;
406 spapr_pci_msi *msi;
407
408 /* Find sPAPRPHBState */
409 phb = spapr_pci_find_phb(spapr, buid);
410 if (phb) {
411 pdev = spapr_pci_find_dev(spapr, buid, config_addr);
412 }
413 if (!phb || !pdev) {
414 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
415 return;
416 }
417
418 /* Find device descriptor and start IRQ */
419 msi = (spapr_pci_msi *) g_hash_table_lookup(phb->msi, &config_addr);
420 if (!msi || !msi->first_irq || !msi->num || (ioa_intr_num >= msi->num)) {
421 trace_spapr_pci_msi("Failed to return vector", config_addr);
422 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
423 return;
424 }
425 intr_src_num = msi->first_irq + ioa_intr_num;
426 trace_spapr_pci_rtas_ibm_query_interrupt_source_number(ioa_intr_num,
427 intr_src_num);
428
429 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
430 rtas_st(rets, 1, intr_src_num);
431 rtas_st(rets, 2, 1);/* 0 == level; 1 == edge */
432 }
433
434 static void rtas_ibm_set_eeh_option(PowerPCCPU *cpu,
435 sPAPRMachineState *spapr,
436 uint32_t token, uint32_t nargs,
437 target_ulong args, uint32_t nret,
438 target_ulong rets)
439 {
440 sPAPRPHBState *sphb;
441 sPAPRPHBClass *spc;
442 uint32_t addr, option;
443 uint64_t buid;
444 int ret;
445
446 if ((nargs != 4) || (nret != 1)) {
447 goto param_error_exit;
448 }
449
450 buid = rtas_ldq(args, 1);
451 addr = rtas_ld(args, 0);
452 option = rtas_ld(args, 3);
453
454 sphb = spapr_pci_find_phb(spapr, buid);
455 if (!sphb) {
456 goto param_error_exit;
457 }
458
459 spc = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
460 if (!spc->eeh_set_option) {
461 goto param_error_exit;
462 }
463
464 ret = spc->eeh_set_option(sphb, addr, option);
465 rtas_st(rets, 0, ret);
466 return;
467
468 param_error_exit:
469 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
470 }
471
472 static void rtas_ibm_get_config_addr_info2(PowerPCCPU *cpu,
473 sPAPRMachineState *spapr,
474 uint32_t token, uint32_t nargs,
475 target_ulong args, uint32_t nret,
476 target_ulong rets)
477 {
478 sPAPRPHBState *sphb;
479 sPAPRPHBClass *spc;
480 PCIDevice *pdev;
481 uint32_t addr, option;
482 uint64_t buid;
483
484 if ((nargs != 4) || (nret != 2)) {
485 goto param_error_exit;
486 }
487
488 buid = rtas_ldq(args, 1);
489 sphb = spapr_pci_find_phb(spapr, buid);
490 if (!sphb) {
491 goto param_error_exit;
492 }
493
494 spc = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
495 if (!spc->eeh_set_option) {
496 goto param_error_exit;
497 }
498
499 /*
500 * We always have PE address of form "00BB0001". "BB"
501 * represents the bus number of PE's primary bus.
502 */
503 option = rtas_ld(args, 3);
504 switch (option) {
505 case RTAS_GET_PE_ADDR:
506 addr = rtas_ld(args, 0);
507 pdev = spapr_pci_find_dev(spapr, buid, addr);
508 if (!pdev) {
509 goto param_error_exit;
510 }
511
512 rtas_st(rets, 1, (pci_bus_num(pdev->bus) << 16) + 1);
513 break;
514 case RTAS_GET_PE_MODE:
515 rtas_st(rets, 1, RTAS_PE_MODE_SHARED);
516 break;
517 default:
518 goto param_error_exit;
519 }
520
521 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
522 return;
523
524 param_error_exit:
525 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
526 }
527
528 static void rtas_ibm_read_slot_reset_state2(PowerPCCPU *cpu,
529 sPAPRMachineState *spapr,
530 uint32_t token, uint32_t nargs,
531 target_ulong args, uint32_t nret,
532 target_ulong rets)
533 {
534 sPAPRPHBState *sphb;
535 sPAPRPHBClass *spc;
536 uint64_t buid;
537 int state, ret;
538
539 if ((nargs != 3) || (nret != 4 && nret != 5)) {
540 goto param_error_exit;
541 }
542
543 buid = rtas_ldq(args, 1);
544 sphb = spapr_pci_find_phb(spapr, buid);
545 if (!sphb) {
546 goto param_error_exit;
547 }
548
549 spc = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
550 if (!spc->eeh_get_state) {
551 goto param_error_exit;
552 }
553
554 ret = spc->eeh_get_state(sphb, &state);
555 rtas_st(rets, 0, ret);
556 if (ret != RTAS_OUT_SUCCESS) {
557 return;
558 }
559
560 rtas_st(rets, 1, state);
561 rtas_st(rets, 2, RTAS_EEH_SUPPORT);
562 rtas_st(rets, 3, RTAS_EEH_PE_UNAVAIL_INFO);
563 if (nret >= 5) {
564 rtas_st(rets, 4, RTAS_EEH_PE_RECOVER_INFO);
565 }
566 return;
567
568 param_error_exit:
569 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
570 }
571
572 static void rtas_ibm_set_slot_reset(PowerPCCPU *cpu,
573 sPAPRMachineState *spapr,
574 uint32_t token, uint32_t nargs,
575 target_ulong args, uint32_t nret,
576 target_ulong rets)
577 {
578 sPAPRPHBState *sphb;
579 sPAPRPHBClass *spc;
580 uint32_t option;
581 uint64_t buid;
582 int ret;
583
584 if ((nargs != 4) || (nret != 1)) {
585 goto param_error_exit;
586 }
587
588 buid = rtas_ldq(args, 1);
589 option = rtas_ld(args, 3);
590 sphb = spapr_pci_find_phb(spapr, buid);
591 if (!sphb) {
592 goto param_error_exit;
593 }
594
595 spc = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
596 if (!spc->eeh_reset) {
597 goto param_error_exit;
598 }
599
600 ret = spc->eeh_reset(sphb, option);
601 rtas_st(rets, 0, ret);
602 return;
603
604 param_error_exit:
605 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
606 }
607
608 static void rtas_ibm_configure_pe(PowerPCCPU *cpu,
609 sPAPRMachineState *spapr,
610 uint32_t token, uint32_t nargs,
611 target_ulong args, uint32_t nret,
612 target_ulong rets)
613 {
614 sPAPRPHBState *sphb;
615 sPAPRPHBClass *spc;
616 uint64_t buid;
617 int ret;
618
619 if ((nargs != 3) || (nret != 1)) {
620 goto param_error_exit;
621 }
622
623 buid = rtas_ldq(args, 1);
624 sphb = spapr_pci_find_phb(spapr, buid);
625 if (!sphb) {
626 goto param_error_exit;
627 }
628
629 spc = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
630 if (!spc->eeh_configure) {
631 goto param_error_exit;
632 }
633
634 ret = spc->eeh_configure(sphb);
635 rtas_st(rets, 0, ret);
636 return;
637
638 param_error_exit:
639 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
640 }
641
642 /* To support it later */
643 static void rtas_ibm_slot_error_detail(PowerPCCPU *cpu,
644 sPAPRMachineState *spapr,
645 uint32_t token, uint32_t nargs,
646 target_ulong args, uint32_t nret,
647 target_ulong rets)
648 {
649 sPAPRPHBState *sphb;
650 sPAPRPHBClass *spc;
651 int option;
652 uint64_t buid;
653
654 if ((nargs != 8) || (nret != 1)) {
655 goto param_error_exit;
656 }
657
658 buid = rtas_ldq(args, 1);
659 sphb = spapr_pci_find_phb(spapr, buid);
660 if (!sphb) {
661 goto param_error_exit;
662 }
663
664 spc = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
665 if (!spc->eeh_set_option) {
666 goto param_error_exit;
667 }
668
669 option = rtas_ld(args, 7);
670 switch (option) {
671 case RTAS_SLOT_TEMP_ERR_LOG:
672 case RTAS_SLOT_PERM_ERR_LOG:
673 break;
674 default:
675 goto param_error_exit;
676 }
677
678 /* We don't have error log yet */
679 rtas_st(rets, 0, RTAS_OUT_NO_ERRORS_FOUND);
680 return;
681
682 param_error_exit:
683 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
684 }
685
686 static int pci_spapr_swizzle(int slot, int pin)
687 {
688 return (slot + pin) % PCI_NUM_PINS;
689 }
690
691 static int pci_spapr_map_irq(PCIDevice *pci_dev, int irq_num)
692 {
693 /*
694 * Here we need to convert pci_dev + irq_num to some unique value
695 * which is less than number of IRQs on the specific bus (4). We
696 * use standard PCI swizzling, that is (slot number + pin number)
697 * % 4.
698 */
699 return pci_spapr_swizzle(PCI_SLOT(pci_dev->devfn), irq_num);
700 }
701
702 static void pci_spapr_set_irq(void *opaque, int irq_num, int level)
703 {
704 /*
705 * Here we use the number returned by pci_spapr_map_irq to find a
706 * corresponding qemu_irq.
707 */
708 sPAPRPHBState *phb = opaque;
709
710 trace_spapr_pci_lsi_set(phb->dtbusname, irq_num, phb->lsi_table[irq_num].irq);
711 qemu_set_irq(spapr_phb_lsi_qirq(phb, irq_num), level);
712 }
713
714 static PCIINTxRoute spapr_route_intx_pin_to_irq(void *opaque, int pin)
715 {
716 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(opaque);
717 PCIINTxRoute route;
718
719 route.mode = PCI_INTX_ENABLED;
720 route.irq = sphb->lsi_table[pin].irq;
721
722 return route;
723 }
724
725 /*
726 * MSI/MSIX memory region implementation.
727 * The handler handles both MSI and MSIX.
728 * For MSI-X, the vector number is encoded as a part of the address,
729 * data is set to 0.
730 * For MSI, the vector number is encoded in least bits in data.
731 */
732 static void spapr_msi_write(void *opaque, hwaddr addr,
733 uint64_t data, unsigned size)
734 {
735 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
736 uint32_t irq = data;
737
738 trace_spapr_pci_msi_write(addr, data, irq);
739
740 qemu_irq_pulse(xics_get_qirq(spapr->icp, irq));
741 }
742
743 static const MemoryRegionOps spapr_msi_ops = {
744 /* There is no .read as the read result is undefined by PCI spec */
745 .read = NULL,
746 .write = spapr_msi_write,
747 .endianness = DEVICE_LITTLE_ENDIAN
748 };
749
750 /*
751 * PHB PCI device
752 */
753 static AddressSpace *spapr_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
754 {
755 sPAPRPHBState *phb = opaque;
756
757 return &phb->iommu_as;
758 }
759
760 static char *spapr_phb_vfio_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev)
761 {
762 char *path = NULL, *buf = NULL, *host = NULL;
763
764 /* Get the PCI VFIO host id */
765 host = object_property_get_str(OBJECT(pdev), "host", NULL);
766 if (!host) {
767 goto err_out;
768 }
769
770 /* Construct the path of the file that will give us the DT location */
771 path = g_strdup_printf("/sys/bus/pci/devices/%s/devspec", host);
772 g_free(host);
773 if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) {
774 goto err_out;
775 }
776 g_free(path);
777
778 /* Construct and read from host device tree the loc-code */
779 path = g_strdup_printf("/proc/device-tree%s/ibm,loc-code", buf);
780 g_free(buf);
781 if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) {
782 goto err_out;
783 }
784 return buf;
785
786 err_out:
787 g_free(path);
788 return NULL;
789 }
790
791 static char *spapr_phb_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev)
792 {
793 char *buf;
794 const char *devtype = "qemu";
795 uint32_t busnr = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev))));
796
797 if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) {
798 buf = spapr_phb_vfio_get_loc_code(sphb, pdev);
799 if (buf) {
800 return buf;
801 }
802 devtype = "vfio";
803 }
804 /*
805 * For emulated devices and VFIO-failure case, make up
806 * the loc-code.
807 */
808 buf = g_strdup_printf("%s_%s:%04x:%02x:%02x.%x",
809 devtype, pdev->name, sphb->index, busnr,
810 PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn));
811 return buf;
812 }
813
814 /* Macros to operate with address in OF binding to PCI */
815 #define b_x(x, p, l) (((x) & ((1<<(l))-1)) << (p))
816 #define b_n(x) b_x((x), 31, 1) /* 0 if relocatable */
817 #define b_p(x) b_x((x), 30, 1) /* 1 if prefetchable */
818 #define b_t(x) b_x((x), 29, 1) /* 1 if the address is aliased */
819 #define b_ss(x) b_x((x), 24, 2) /* the space code */
820 #define b_bbbbbbbb(x) b_x((x), 16, 8) /* bus number */
821 #define b_ddddd(x) b_x((x), 11, 5) /* device number */
822 #define b_fff(x) b_x((x), 8, 3) /* function number */
823 #define b_rrrrrrrr(x) b_x((x), 0, 8) /* register number */
824
825 /* for 'reg'/'assigned-addresses' OF properties */
826 #define RESOURCE_CELLS_SIZE 2
827 #define RESOURCE_CELLS_ADDRESS 3
828
829 typedef struct ResourceFields {
830 uint32_t phys_hi;
831 uint32_t phys_mid;
832 uint32_t phys_lo;
833 uint32_t size_hi;
834 uint32_t size_lo;
835 } QEMU_PACKED ResourceFields;
836
837 typedef struct ResourceProps {
838 ResourceFields reg[8];
839 ResourceFields assigned[7];
840 uint32_t reg_len;
841 uint32_t assigned_len;
842 } ResourceProps;
843
844 /* fill in the 'reg'/'assigned-resources' OF properties for
845 * a PCI device. 'reg' describes resource requirements for a
846 * device's IO/MEM regions, 'assigned-addresses' describes the
847 * actual resource assignments.
848 *
849 * the properties are arrays of ('phys-addr', 'size') pairs describing
850 * the addressable regions of the PCI device, where 'phys-addr' is a
851 * RESOURCE_CELLS_ADDRESS-tuple of 32-bit integers corresponding to
852 * (phys.hi, phys.mid, phys.lo), and 'size' is a
853 * RESOURCE_CELLS_SIZE-tuple corresponding to (size.hi, size.lo).
854 *
855 * phys.hi = 0xYYXXXXZZ, where:
856 * 0xYY = npt000ss
857 * ||| |
858 * ||| +-- space code
859 * ||| |
860 * ||| + 00 if configuration space
861 * ||| + 01 if IO region,
862 * ||| + 10 if 32-bit MEM region
863 * ||| + 11 if 64-bit MEM region
864 * |||
865 * ||+------ for non-relocatable IO: 1 if aliased
866 * || for relocatable IO: 1 if below 64KB
867 * || for MEM: 1 if below 1MB
868 * |+------- 1 if region is prefetchable
869 * +-------- 1 if region is non-relocatable
870 * 0xXXXX = bbbbbbbb dddddfff, encoding bus, slot, and function
871 * bits respectively
872 * 0xZZ = rrrrrrrr, the register number of the BAR corresponding
873 * to the region
874 *
875 * phys.mid and phys.lo correspond respectively to the hi/lo portions
876 * of the actual address of the region.
877 *
878 * how the phys-addr/size values are used differ slightly between
879 * 'reg' and 'assigned-addresses' properties. namely, 'reg' has
880 * an additional description for the config space region of the
881 * device, and in the case of QEMU has n=0 and phys.mid=phys.lo=0
882 * to describe the region as relocatable, with an address-mapping
883 * that corresponds directly to the PHB's address space for the
884 * resource. 'assigned-addresses' always has n=1 set with an absolute
885 * address assigned for the resource. in general, 'assigned-addresses'
886 * won't be populated, since addresses for PCI devices are generally
887 * unmapped initially and left to the guest to assign.
888 *
889 * note also that addresses defined in these properties are, at least
890 * for PAPR guests, relative to the PHBs IO/MEM windows, and
891 * correspond directly to the addresses in the BARs.
892 *
893 * in accordance with PCI Bus Binding to Open Firmware,
894 * IEEE Std 1275-1994, section 4.1.1, as implemented by PAPR+ v2.7,
895 * Appendix C.
896 */
897 static void populate_resource_props(PCIDevice *d, ResourceProps *rp)
898 {
899 int bus_num = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(d))));
900 uint32_t dev_id = (b_bbbbbbbb(bus_num) |
901 b_ddddd(PCI_SLOT(d->devfn)) |
902 b_fff(PCI_FUNC(d->devfn)));
903 ResourceFields *reg, *assigned;
904 int i, reg_idx = 0, assigned_idx = 0;
905
906 /* config space region */
907 reg = &rp->reg[reg_idx++];
908 reg->phys_hi = cpu_to_be32(dev_id);
909 reg->phys_mid = 0;
910 reg->phys_lo = 0;
911 reg->size_hi = 0;
912 reg->size_lo = 0;
913
914 for (i = 0; i < PCI_NUM_REGIONS; i++) {
915 if (!d->io_regions[i].size) {
916 continue;
917 }
918
919 reg = &rp->reg[reg_idx++];
920
921 reg->phys_hi = cpu_to_be32(dev_id | b_rrrrrrrr(pci_bar(d, i)));
922 if (d->io_regions[i].type & PCI_BASE_ADDRESS_SPACE_IO) {
923 reg->phys_hi |= cpu_to_be32(b_ss(1));
924 } else if (d->io_regions[i].type & PCI_BASE_ADDRESS_MEM_TYPE_64) {
925 reg->phys_hi |= cpu_to_be32(b_ss(3));
926 } else {
927 reg->phys_hi |= cpu_to_be32(b_ss(2));
928 }
929 reg->phys_mid = 0;
930 reg->phys_lo = 0;
931 reg->size_hi = cpu_to_be32(d->io_regions[i].size >> 32);
932 reg->size_lo = cpu_to_be32(d->io_regions[i].size);
933
934 if (d->io_regions[i].addr == PCI_BAR_UNMAPPED) {
935 continue;
936 }
937
938 assigned = &rp->assigned[assigned_idx++];
939 assigned->phys_hi = cpu_to_be32(reg->phys_hi | b_n(1));
940 assigned->phys_mid = cpu_to_be32(d->io_regions[i].addr >> 32);
941 assigned->phys_lo = cpu_to_be32(d->io_regions[i].addr);
942 assigned->size_hi = reg->size_hi;
943 assigned->size_lo = reg->size_lo;
944 }
945
946 rp->reg_len = reg_idx * sizeof(ResourceFields);
947 rp->assigned_len = assigned_idx * sizeof(ResourceFields);
948 }
949
950 static uint32_t spapr_phb_get_pci_drc_index(sPAPRPHBState *phb,
951 PCIDevice *pdev);
952
953 static int spapr_populate_pci_child_dt(PCIDevice *dev, void *fdt, int offset,
954 sPAPRPHBState *sphb)
955 {
956 ResourceProps rp;
957 bool is_bridge = false;
958 int pci_status, err;
959 char *buf = NULL;
960 uint32_t drc_index = spapr_phb_get_pci_drc_index(sphb, dev);
961 uint32_t max_msi, max_msix;
962
963 if (pci_default_read_config(dev, PCI_HEADER_TYPE, 1) ==
964 PCI_HEADER_TYPE_BRIDGE) {
965 is_bridge = true;
966 }
967
968 /* in accordance with PAPR+ v2.7 13.6.3, Table 181 */
969 _FDT(fdt_setprop_cell(fdt, offset, "vendor-id",
970 pci_default_read_config(dev, PCI_VENDOR_ID, 2)));
971 _FDT(fdt_setprop_cell(fdt, offset, "device-id",
972 pci_default_read_config(dev, PCI_DEVICE_ID, 2)));
973 _FDT(fdt_setprop_cell(fdt, offset, "revision-id",
974 pci_default_read_config(dev, PCI_REVISION_ID, 1)));
975 _FDT(fdt_setprop_cell(fdt, offset, "class-code",
976 pci_default_read_config(dev, PCI_CLASS_PROG, 3)));
977 if (pci_default_read_config(dev, PCI_INTERRUPT_PIN, 1)) {
978 _FDT(fdt_setprop_cell(fdt, offset, "interrupts",
979 pci_default_read_config(dev, PCI_INTERRUPT_PIN, 1)));
980 }
981
982 if (!is_bridge) {
983 _FDT(fdt_setprop_cell(fdt, offset, "min-grant",
984 pci_default_read_config(dev, PCI_MIN_GNT, 1)));
985 _FDT(fdt_setprop_cell(fdt, offset, "max-latency",
986 pci_default_read_config(dev, PCI_MAX_LAT, 1)));
987 }
988
989 if (pci_default_read_config(dev, PCI_SUBSYSTEM_ID, 2)) {
990 _FDT(fdt_setprop_cell(fdt, offset, "subsystem-id",
991 pci_default_read_config(dev, PCI_SUBSYSTEM_ID, 2)));
992 }
993
994 if (pci_default_read_config(dev, PCI_SUBSYSTEM_VENDOR_ID, 2)) {
995 _FDT(fdt_setprop_cell(fdt, offset, "subsystem-vendor-id",
996 pci_default_read_config(dev, PCI_SUBSYSTEM_VENDOR_ID, 2)));
997 }
998
999 _FDT(fdt_setprop_cell(fdt, offset, "cache-line-size",
1000 pci_default_read_config(dev, PCI_CACHE_LINE_SIZE, 1)));
1001
1002 /* the following fdt cells are masked off the pci status register */
1003 pci_status = pci_default_read_config(dev, PCI_STATUS, 2);
1004 _FDT(fdt_setprop_cell(fdt, offset, "devsel-speed",
1005 PCI_STATUS_DEVSEL_MASK & pci_status));
1006
1007 if (pci_status & PCI_STATUS_FAST_BACK) {
1008 _FDT(fdt_setprop(fdt, offset, "fast-back-to-back", NULL, 0));
1009 }
1010 if (pci_status & PCI_STATUS_66MHZ) {
1011 _FDT(fdt_setprop(fdt, offset, "66mhz-capable", NULL, 0));
1012 }
1013 if (pci_status & PCI_STATUS_UDF) {
1014 _FDT(fdt_setprop(fdt, offset, "udf-supported", NULL, 0));
1015 }
1016
1017 /* NOTE: this is normally generated by firmware via path/unit name,
1018 * but in our case we must set it manually since it does not get
1019 * processed by OF beforehand
1020 */
1021 _FDT(fdt_setprop_string(fdt, offset, "name", "pci"));
1022 buf = spapr_phb_get_loc_code(sphb, dev);
1023 if (!buf) {
1024 error_report("Failed setting the ibm,loc-code");
1025 return -1;
1026 }
1027
1028 err = fdt_setprop_string(fdt, offset, "ibm,loc-code", buf);
1029 g_free(buf);
1030 if (err < 0) {
1031 return err;
1032 }
1033
1034 if (drc_index) {
1035 _FDT(fdt_setprop_cell(fdt, offset, "ibm,my-drc-index", drc_index));
1036 }
1037
1038 _FDT(fdt_setprop_cell(fdt, offset, "#address-cells",
1039 RESOURCE_CELLS_ADDRESS));
1040 _FDT(fdt_setprop_cell(fdt, offset, "#size-cells",
1041 RESOURCE_CELLS_SIZE));
1042
1043 max_msi = msi_nr_vectors_allocated(dev);
1044 if (max_msi) {
1045 _FDT(fdt_setprop_cell(fdt, offset, "ibm,req#msi", max_msi));
1046 }
1047 max_msix = dev->msix_entries_nr;
1048 if (max_msix) {
1049 _FDT(fdt_setprop_cell(fdt, offset, "ibm,req#msi-x", max_msix));
1050 }
1051
1052 populate_resource_props(dev, &rp);
1053 _FDT(fdt_setprop(fdt, offset, "reg", (uint8_t *)rp.reg, rp.reg_len));
1054 _FDT(fdt_setprop(fdt, offset, "assigned-addresses",
1055 (uint8_t *)rp.assigned, rp.assigned_len));
1056
1057 return 0;
1058 }
1059
1060 /* create OF node for pci device and required OF DT properties */
1061 static int spapr_create_pci_child_dt(sPAPRPHBState *phb, PCIDevice *dev,
1062 void *fdt, int node_offset)
1063 {
1064 int offset, ret;
1065 int slot = PCI_SLOT(dev->devfn);
1066 int func = PCI_FUNC(dev->devfn);
1067 char nodename[FDT_NAME_MAX];
1068
1069 if (func != 0) {
1070 snprintf(nodename, FDT_NAME_MAX, "pci@%x,%x", slot, func);
1071 } else {
1072 snprintf(nodename, FDT_NAME_MAX, "pci@%x", slot);
1073 }
1074 offset = fdt_add_subnode(fdt, node_offset, nodename);
1075 ret = spapr_populate_pci_child_dt(dev, fdt, offset, phb);
1076
1077 g_assert(!ret);
1078 if (ret) {
1079 return 0;
1080 }
1081 return offset;
1082 }
1083
1084 static void spapr_phb_add_pci_device(sPAPRDRConnector *drc,
1085 sPAPRPHBState *phb,
1086 PCIDevice *pdev,
1087 Error **errp)
1088 {
1089 sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1090 DeviceState *dev = DEVICE(pdev);
1091 void *fdt = NULL;
1092 int fdt_start_offset = 0, fdt_size;
1093
1094 if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) {
1095 sPAPRTCETable *tcet = spapr_tce_find_by_liobn(phb->dma_liobn);
1096
1097 spapr_tce_set_need_vfio(tcet, true);
1098 }
1099
1100 if (dev->hotplugged) {
1101 fdt = create_device_tree(&fdt_size);
1102 fdt_start_offset = spapr_create_pci_child_dt(phb, pdev, fdt, 0);
1103 if (!fdt_start_offset) {
1104 error_setg(errp, "Failed to create pci child device tree node");
1105 goto out;
1106 }
1107 }
1108
1109 drck->attach(drc, DEVICE(pdev),
1110 fdt, fdt_start_offset, !dev->hotplugged, errp);
1111 out:
1112 if (*errp) {
1113 g_free(fdt);
1114 }
1115 }
1116
1117 static void spapr_phb_remove_pci_device_cb(DeviceState *dev, void *opaque)
1118 {
1119 /* some version guests do not wait for completion of a device
1120 * cleanup (generally done asynchronously by the kernel) before
1121 * signaling to QEMU that the device is safe, but instead sleep
1122 * for some 'safe' period of time. unfortunately on a busy host
1123 * this sleep isn't guaranteed to be long enough, resulting in
1124 * bad things like IRQ lines being left asserted during final
1125 * device removal. to deal with this we call reset just prior
1126 * to finalizing the device, which will put the device back into
1127 * an 'idle' state, as the device cleanup code expects.
1128 */
1129 pci_device_reset(PCI_DEVICE(dev));
1130 object_unparent(OBJECT(dev));
1131 }
1132
1133 static void spapr_phb_remove_pci_device(sPAPRDRConnector *drc,
1134 sPAPRPHBState *phb,
1135 PCIDevice *pdev,
1136 Error **errp)
1137 {
1138 sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1139
1140 drck->detach(drc, DEVICE(pdev), spapr_phb_remove_pci_device_cb, phb, errp);
1141 }
1142
1143 static sPAPRDRConnector *spapr_phb_get_pci_drc(sPAPRPHBState *phb,
1144 PCIDevice *pdev)
1145 {
1146 uint32_t busnr = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev))));
1147 return spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_PCI,
1148 (phb->index << 16) |
1149 (busnr << 8) |
1150 pdev->devfn);
1151 }
1152
1153 static uint32_t spapr_phb_get_pci_drc_index(sPAPRPHBState *phb,
1154 PCIDevice *pdev)
1155 {
1156 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev);
1157 sPAPRDRConnectorClass *drck;
1158
1159 if (!drc) {
1160 return 0;
1161 }
1162
1163 drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1164 return drck->get_index(drc);
1165 }
1166
1167 static void spapr_phb_hot_plug_child(HotplugHandler *plug_handler,
1168 DeviceState *plugged_dev, Error **errp)
1169 {
1170 sPAPRPHBState *phb = SPAPR_PCI_HOST_BRIDGE(DEVICE(plug_handler));
1171 PCIDevice *pdev = PCI_DEVICE(plugged_dev);
1172 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev);
1173 Error *local_err = NULL;
1174
1175 /* if DR is disabled we don't need to do anything in the case of
1176 * hotplug or coldplug callbacks
1177 */
1178 if (!phb->dr_enabled) {
1179 /* if this is a hotplug operation initiated by the user
1180 * we need to let them know it's not enabled
1181 */
1182 if (plugged_dev->hotplugged) {
1183 error_setg(errp, QERR_BUS_NO_HOTPLUG,
1184 object_get_typename(OBJECT(phb)));
1185 }
1186 return;
1187 }
1188
1189 g_assert(drc);
1190
1191 spapr_phb_add_pci_device(drc, phb, pdev, &local_err);
1192 if (local_err) {
1193 error_propagate(errp, local_err);
1194 return;
1195 }
1196 if (plugged_dev->hotplugged) {
1197 spapr_hotplug_req_add_by_index(drc);
1198 }
1199 }
1200
1201 static void spapr_phb_hot_unplug_child(HotplugHandler *plug_handler,
1202 DeviceState *plugged_dev, Error **errp)
1203 {
1204 sPAPRPHBState *phb = SPAPR_PCI_HOST_BRIDGE(DEVICE(plug_handler));
1205 PCIDevice *pdev = PCI_DEVICE(plugged_dev);
1206 sPAPRDRConnectorClass *drck;
1207 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev);
1208 Error *local_err = NULL;
1209
1210 if (!phb->dr_enabled) {
1211 error_setg(errp, QERR_BUS_NO_HOTPLUG,
1212 object_get_typename(OBJECT(phb)));
1213 return;
1214 }
1215
1216 g_assert(drc);
1217
1218 drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1219 if (!drck->release_pending(drc)) {
1220 spapr_phb_remove_pci_device(drc, phb, pdev, &local_err);
1221 if (local_err) {
1222 error_propagate(errp, local_err);
1223 return;
1224 }
1225 spapr_hotplug_req_remove_by_index(drc);
1226 }
1227 }
1228
1229 static void spapr_phb_realize(DeviceState *dev, Error **errp)
1230 {
1231 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
1232 SysBusDevice *s = SYS_BUS_DEVICE(dev);
1233 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(s);
1234 PCIHostState *phb = PCI_HOST_BRIDGE(s);
1235 sPAPRPHBClass *info = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(s);
1236 char *namebuf;
1237 int i;
1238 PCIBus *bus;
1239 uint64_t msi_window_size = 4096;
1240
1241 if (sphb->index != (uint32_t)-1) {
1242 hwaddr windows_base;
1243
1244 if ((sphb->buid != (uint64_t)-1) || (sphb->dma_liobn != (uint32_t)-1)
1245 || (sphb->mem_win_addr != (hwaddr)-1)
1246 || (sphb->io_win_addr != (hwaddr)-1)) {
1247 error_setg(errp, "Either \"index\" or other parameters must"
1248 " be specified for PAPR PHB, not both");
1249 return;
1250 }
1251
1252 if (sphb->index > SPAPR_PCI_MAX_INDEX) {
1253 error_setg(errp, "\"index\" for PAPR PHB is too large (max %u)",
1254 SPAPR_PCI_MAX_INDEX);
1255 return;
1256 }
1257
1258 sphb->buid = SPAPR_PCI_BASE_BUID + sphb->index;
1259 sphb->dma_liobn = SPAPR_PCI_LIOBN(sphb->index, 0);
1260
1261 windows_base = SPAPR_PCI_WINDOW_BASE
1262 + sphb->index * SPAPR_PCI_WINDOW_SPACING;
1263 sphb->mem_win_addr = windows_base + SPAPR_PCI_MMIO_WIN_OFF;
1264 sphb->io_win_addr = windows_base + SPAPR_PCI_IO_WIN_OFF;
1265 }
1266
1267 if (sphb->buid == (uint64_t)-1) {
1268 error_setg(errp, "BUID not specified for PHB");
1269 return;
1270 }
1271
1272 if (sphb->dma_liobn == (uint32_t)-1) {
1273 error_setg(errp, "LIOBN not specified for PHB");
1274 return;
1275 }
1276
1277 if (sphb->mem_win_addr == (hwaddr)-1) {
1278 error_setg(errp, "Memory window address not specified for PHB");
1279 return;
1280 }
1281
1282 if (sphb->io_win_addr == (hwaddr)-1) {
1283 error_setg(errp, "IO window address not specified for PHB");
1284 return;
1285 }
1286
1287 if (spapr_pci_find_phb(spapr, sphb->buid)) {
1288 error_setg(errp, "PCI host bridges must have unique BUIDs");
1289 return;
1290 }
1291
1292 sphb->dtbusname = g_strdup_printf("pci@%" PRIx64, sphb->buid);
1293
1294 namebuf = alloca(strlen(sphb->dtbusname) + 32);
1295
1296 /* Initialize memory regions */
1297 sprintf(namebuf, "%s.mmio", sphb->dtbusname);
1298 memory_region_init(&sphb->memspace, OBJECT(sphb), namebuf, UINT64_MAX);
1299
1300 sprintf(namebuf, "%s.mmio-alias", sphb->dtbusname);
1301 memory_region_init_alias(&sphb->memwindow, OBJECT(sphb),
1302 namebuf, &sphb->memspace,
1303 SPAPR_PCI_MEM_WIN_BUS_OFFSET, sphb->mem_win_size);
1304 memory_region_add_subregion(get_system_memory(), sphb->mem_win_addr,
1305 &sphb->memwindow);
1306
1307 /* Initialize IO regions */
1308 sprintf(namebuf, "%s.io", sphb->dtbusname);
1309 memory_region_init(&sphb->iospace, OBJECT(sphb),
1310 namebuf, SPAPR_PCI_IO_WIN_SIZE);
1311
1312 sprintf(namebuf, "%s.io-alias", sphb->dtbusname);
1313 memory_region_init_alias(&sphb->iowindow, OBJECT(sphb), namebuf,
1314 &sphb->iospace, 0, SPAPR_PCI_IO_WIN_SIZE);
1315 memory_region_add_subregion(get_system_memory(), sphb->io_win_addr,
1316 &sphb->iowindow);
1317
1318 bus = pci_register_bus(dev, NULL,
1319 pci_spapr_set_irq, pci_spapr_map_irq, sphb,
1320 &sphb->memspace, &sphb->iospace,
1321 PCI_DEVFN(0, 0), PCI_NUM_PINS, TYPE_PCI_BUS);
1322 phb->bus = bus;
1323 qbus_set_hotplug_handler(BUS(phb->bus), DEVICE(sphb), NULL);
1324
1325 /*
1326 * Initialize PHB address space.
1327 * By default there will be at least one subregion for default
1328 * 32bit DMA window.
1329 * Later the guest might want to create another DMA window
1330 * which will become another memory subregion.
1331 */
1332 sprintf(namebuf, "%s.iommu-root", sphb->dtbusname);
1333
1334 memory_region_init(&sphb->iommu_root, OBJECT(sphb),
1335 namebuf, UINT64_MAX);
1336 address_space_init(&sphb->iommu_as, &sphb->iommu_root,
1337 sphb->dtbusname);
1338
1339 /*
1340 * As MSI/MSIX interrupts trigger by writing at MSI/MSIX vectors,
1341 * we need to allocate some memory to catch those writes coming
1342 * from msi_notify()/msix_notify().
1343 * As MSIMessage:addr is going to be the same and MSIMessage:data
1344 * is going to be a VIRQ number, 4 bytes of the MSI MR will only
1345 * be used.
1346 *
1347 * For KVM we want to ensure that this memory is a full page so that
1348 * our memory slot is of page size granularity.
1349 */
1350 #ifdef CONFIG_KVM
1351 if (kvm_enabled()) {
1352 msi_window_size = getpagesize();
1353 }
1354 #endif
1355
1356 memory_region_init_io(&sphb->msiwindow, NULL, &spapr_msi_ops, spapr,
1357 "msi", msi_window_size);
1358 memory_region_add_subregion(&sphb->iommu_root, SPAPR_PCI_MSI_WINDOW,
1359 &sphb->msiwindow);
1360
1361 pci_setup_iommu(bus, spapr_pci_dma_iommu, sphb);
1362
1363 pci_bus_set_route_irq_fn(bus, spapr_route_intx_pin_to_irq);
1364
1365 QLIST_INSERT_HEAD(&spapr->phbs, sphb, list);
1366
1367 /* Initialize the LSI table */
1368 for (i = 0; i < PCI_NUM_PINS; i++) {
1369 uint32_t irq;
1370
1371 irq = xics_alloc_block(spapr->icp, 0, 1, true, false);
1372 if (!irq) {
1373 error_setg(errp, "spapr_allocate_lsi failed");
1374 return;
1375 }
1376
1377 sphb->lsi_table[i].irq = irq;
1378 }
1379
1380 /* allocate connectors for child PCI devices */
1381 if (sphb->dr_enabled) {
1382 for (i = 0; i < PCI_SLOT_MAX * 8; i++) {
1383 spapr_dr_connector_new(OBJECT(phb),
1384 SPAPR_DR_CONNECTOR_TYPE_PCI,
1385 (sphb->index << 16) | i);
1386 }
1387 }
1388
1389 if (!info->finish_realize) {
1390 error_setg(errp, "finish_realize not defined");
1391 return;
1392 }
1393
1394 info->finish_realize(sphb, errp);
1395
1396 sphb->msi = g_hash_table_new_full(g_int_hash, g_int_equal, g_free, g_free);
1397 }
1398
1399 static void spapr_phb_finish_realize(sPAPRPHBState *sphb, Error **errp)
1400 {
1401 sPAPRTCETable *tcet;
1402 uint32_t nb_table;
1403
1404 nb_table = sphb->dma_win_size >> SPAPR_TCE_PAGE_SHIFT;
1405 tcet = spapr_tce_new_table(DEVICE(sphb), sphb->dma_liobn,
1406 0, SPAPR_TCE_PAGE_SHIFT, nb_table, false);
1407 if (!tcet) {
1408 error_setg(errp, "Unable to create TCE table for %s",
1409 sphb->dtbusname);
1410 return ;
1411 }
1412
1413 /* Register default 32bit DMA window */
1414 memory_region_add_subregion(&sphb->iommu_root, sphb->dma_win_addr,
1415 spapr_tce_get_iommu(tcet));
1416 }
1417
1418 static int spapr_phb_children_reset(Object *child, void *opaque)
1419 {
1420 DeviceState *dev = (DeviceState *) object_dynamic_cast(child, TYPE_DEVICE);
1421
1422 if (dev) {
1423 device_reset(dev);
1424 }
1425
1426 return 0;
1427 }
1428
1429 static void spapr_phb_reset(DeviceState *qdev)
1430 {
1431 /* Reset the IOMMU state */
1432 object_child_foreach(OBJECT(qdev), spapr_phb_children_reset, NULL);
1433 }
1434
1435 static Property spapr_phb_properties[] = {
1436 DEFINE_PROP_UINT32("index", sPAPRPHBState, index, -1),
1437 DEFINE_PROP_UINT64("buid", sPAPRPHBState, buid, -1),
1438 DEFINE_PROP_UINT32("liobn", sPAPRPHBState, dma_liobn, -1),
1439 DEFINE_PROP_UINT64("mem_win_addr", sPAPRPHBState, mem_win_addr, -1),
1440 DEFINE_PROP_UINT64("mem_win_size", sPAPRPHBState, mem_win_size,
1441 SPAPR_PCI_MMIO_WIN_SIZE),
1442 DEFINE_PROP_UINT64("io_win_addr", sPAPRPHBState, io_win_addr, -1),
1443 DEFINE_PROP_UINT64("io_win_size", sPAPRPHBState, io_win_size,
1444 SPAPR_PCI_IO_WIN_SIZE),
1445 DEFINE_PROP_BOOL("dynamic-reconfiguration", sPAPRPHBState, dr_enabled,
1446 true),
1447 /* Default DMA window is 0..1GB */
1448 DEFINE_PROP_UINT64("dma_win_addr", sPAPRPHBState, dma_win_addr, 0),
1449 DEFINE_PROP_UINT64("dma_win_size", sPAPRPHBState, dma_win_size, 0x40000000),
1450 DEFINE_PROP_END_OF_LIST(),
1451 };
1452
1453 static const VMStateDescription vmstate_spapr_pci_lsi = {
1454 .name = "spapr_pci/lsi",
1455 .version_id = 1,
1456 .minimum_version_id = 1,
1457 .fields = (VMStateField[]) {
1458 VMSTATE_UINT32_EQUAL(irq, struct spapr_pci_lsi),
1459
1460 VMSTATE_END_OF_LIST()
1461 },
1462 };
1463
1464 static const VMStateDescription vmstate_spapr_pci_msi = {
1465 .name = "spapr_pci/msi",
1466 .version_id = 1,
1467 .minimum_version_id = 1,
1468 .fields = (VMStateField []) {
1469 VMSTATE_UINT32(key, spapr_pci_msi_mig),
1470 VMSTATE_UINT32(value.first_irq, spapr_pci_msi_mig),
1471 VMSTATE_UINT32(value.num, spapr_pci_msi_mig),
1472 VMSTATE_END_OF_LIST()
1473 },
1474 };
1475
1476 static void spapr_pci_pre_save(void *opaque)
1477 {
1478 sPAPRPHBState *sphb = opaque;
1479 GHashTableIter iter;
1480 gpointer key, value;
1481 int i;
1482
1483 g_free(sphb->msi_devs);
1484 sphb->msi_devs = NULL;
1485 sphb->msi_devs_num = g_hash_table_size(sphb->msi);
1486 if (!sphb->msi_devs_num) {
1487 return;
1488 }
1489 sphb->msi_devs = g_malloc(sphb->msi_devs_num * sizeof(spapr_pci_msi_mig));
1490
1491 g_hash_table_iter_init(&iter, sphb->msi);
1492 for (i = 0; g_hash_table_iter_next(&iter, &key, &value); ++i) {
1493 sphb->msi_devs[i].key = *(uint32_t *) key;
1494 sphb->msi_devs[i].value = *(spapr_pci_msi *) value;
1495 }
1496 }
1497
1498 static int spapr_pci_post_load(void *opaque, int version_id)
1499 {
1500 sPAPRPHBState *sphb = opaque;
1501 gpointer key, value;
1502 int i;
1503
1504 for (i = 0; i < sphb->msi_devs_num; ++i) {
1505 key = g_memdup(&sphb->msi_devs[i].key,
1506 sizeof(sphb->msi_devs[i].key));
1507 value = g_memdup(&sphb->msi_devs[i].value,
1508 sizeof(sphb->msi_devs[i].value));
1509 g_hash_table_insert(sphb->msi, key, value);
1510 }
1511 g_free(sphb->msi_devs);
1512 sphb->msi_devs = NULL;
1513 sphb->msi_devs_num = 0;
1514
1515 return 0;
1516 }
1517
1518 static const VMStateDescription vmstate_spapr_pci = {
1519 .name = "spapr_pci",
1520 .version_id = 2,
1521 .minimum_version_id = 2,
1522 .pre_save = spapr_pci_pre_save,
1523 .post_load = spapr_pci_post_load,
1524 .fields = (VMStateField[]) {
1525 VMSTATE_UINT64_EQUAL(buid, sPAPRPHBState),
1526 VMSTATE_UINT32_EQUAL(dma_liobn, sPAPRPHBState),
1527 VMSTATE_UINT64_EQUAL(mem_win_addr, sPAPRPHBState),
1528 VMSTATE_UINT64_EQUAL(mem_win_size, sPAPRPHBState),
1529 VMSTATE_UINT64_EQUAL(io_win_addr, sPAPRPHBState),
1530 VMSTATE_UINT64_EQUAL(io_win_size, sPAPRPHBState),
1531 VMSTATE_STRUCT_ARRAY(lsi_table, sPAPRPHBState, PCI_NUM_PINS, 0,
1532 vmstate_spapr_pci_lsi, struct spapr_pci_lsi),
1533 VMSTATE_INT32(msi_devs_num, sPAPRPHBState),
1534 VMSTATE_STRUCT_VARRAY_ALLOC(msi_devs, sPAPRPHBState, msi_devs_num, 0,
1535 vmstate_spapr_pci_msi, spapr_pci_msi_mig),
1536 VMSTATE_END_OF_LIST()
1537 },
1538 };
1539
1540 static const char *spapr_phb_root_bus_path(PCIHostState *host_bridge,
1541 PCIBus *rootbus)
1542 {
1543 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(host_bridge);
1544
1545 return sphb->dtbusname;
1546 }
1547
1548 static void spapr_phb_class_init(ObjectClass *klass, void *data)
1549 {
1550 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
1551 DeviceClass *dc = DEVICE_CLASS(klass);
1552 sPAPRPHBClass *spc = SPAPR_PCI_HOST_BRIDGE_CLASS(klass);
1553 HotplugHandlerClass *hp = HOTPLUG_HANDLER_CLASS(klass);
1554
1555 hc->root_bus_path = spapr_phb_root_bus_path;
1556 dc->realize = spapr_phb_realize;
1557 dc->props = spapr_phb_properties;
1558 dc->reset = spapr_phb_reset;
1559 dc->vmsd = &vmstate_spapr_pci;
1560 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
1561 dc->cannot_instantiate_with_device_add_yet = false;
1562 spc->finish_realize = spapr_phb_finish_realize;
1563 hp->plug = spapr_phb_hot_plug_child;
1564 hp->unplug = spapr_phb_hot_unplug_child;
1565 }
1566
1567 static const TypeInfo spapr_phb_info = {
1568 .name = TYPE_SPAPR_PCI_HOST_BRIDGE,
1569 .parent = TYPE_PCI_HOST_BRIDGE,
1570 .instance_size = sizeof(sPAPRPHBState),
1571 .class_init = spapr_phb_class_init,
1572 .class_size = sizeof(sPAPRPHBClass),
1573 .interfaces = (InterfaceInfo[]) {
1574 { TYPE_HOTPLUG_HANDLER },
1575 { }
1576 }
1577 };
1578
1579 PCIHostState *spapr_create_phb(sPAPRMachineState *spapr, int index)
1580 {
1581 DeviceState *dev;
1582
1583 dev = qdev_create(NULL, TYPE_SPAPR_PCI_HOST_BRIDGE);
1584 qdev_prop_set_uint32(dev, "index", index);
1585 qdev_init_nofail(dev);
1586
1587 return PCI_HOST_BRIDGE(dev);
1588 }
1589
1590 typedef struct sPAPRFDT {
1591 void *fdt;
1592 int node_off;
1593 sPAPRPHBState *sphb;
1594 } sPAPRFDT;
1595
1596 static void spapr_populate_pci_devices_dt(PCIBus *bus, PCIDevice *pdev,
1597 void *opaque)
1598 {
1599 PCIBus *sec_bus;
1600 sPAPRFDT *p = opaque;
1601 int offset;
1602 sPAPRFDT s_fdt;
1603
1604 offset = spapr_create_pci_child_dt(p->sphb, pdev, p->fdt, p->node_off);
1605 if (!offset) {
1606 error_report("Failed to create pci child device tree node");
1607 return;
1608 }
1609
1610 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1611 PCI_HEADER_TYPE_BRIDGE)) {
1612 return;
1613 }
1614
1615 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1616 if (!sec_bus) {
1617 return;
1618 }
1619
1620 s_fdt.fdt = p->fdt;
1621 s_fdt.node_off = offset;
1622 s_fdt.sphb = p->sphb;
1623 pci_for_each_device(sec_bus, pci_bus_num(sec_bus),
1624 spapr_populate_pci_devices_dt,
1625 &s_fdt);
1626 }
1627
1628 static void spapr_phb_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
1629 void *opaque)
1630 {
1631 unsigned int *bus_no = opaque;
1632 unsigned int primary = *bus_no;
1633 unsigned int subordinate = 0xff;
1634 PCIBus *sec_bus = NULL;
1635
1636 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1637 PCI_HEADER_TYPE_BRIDGE)) {
1638 return;
1639 }
1640
1641 (*bus_no)++;
1642 pci_default_write_config(pdev, PCI_PRIMARY_BUS, primary, 1);
1643 pci_default_write_config(pdev, PCI_SECONDARY_BUS, *bus_no, 1);
1644 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, *bus_no, 1);
1645
1646 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1647 if (!sec_bus) {
1648 return;
1649 }
1650
1651 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, subordinate, 1);
1652 pci_for_each_device(sec_bus, pci_bus_num(sec_bus),
1653 spapr_phb_pci_enumerate_bridge, bus_no);
1654 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, *bus_no, 1);
1655 }
1656
1657 static void spapr_phb_pci_enumerate(sPAPRPHBState *phb)
1658 {
1659 PCIBus *bus = PCI_HOST_BRIDGE(phb)->bus;
1660 unsigned int bus_no = 0;
1661
1662 pci_for_each_device(bus, pci_bus_num(bus),
1663 spapr_phb_pci_enumerate_bridge,
1664 &bus_no);
1665
1666 }
1667
1668 int spapr_populate_pci_dt(sPAPRPHBState *phb,
1669 uint32_t xics_phandle,
1670 void *fdt)
1671 {
1672 int bus_off, i, j, ret;
1673 char nodename[FDT_NAME_MAX];
1674 uint32_t bus_range[] = { cpu_to_be32(0), cpu_to_be32(0xff) };
1675 const uint64_t mmiosize = memory_region_size(&phb->memwindow);
1676 const uint64_t w32max = (1ULL << 32) - SPAPR_PCI_MEM_WIN_BUS_OFFSET;
1677 const uint64_t w32size = MIN(w32max, mmiosize);
1678 const uint64_t w64size = (mmiosize > w32size) ? (mmiosize - w32size) : 0;
1679 struct {
1680 uint32_t hi;
1681 uint64_t child;
1682 uint64_t parent;
1683 uint64_t size;
1684 } QEMU_PACKED ranges[] = {
1685 {
1686 cpu_to_be32(b_ss(1)), cpu_to_be64(0),
1687 cpu_to_be64(phb->io_win_addr),
1688 cpu_to_be64(memory_region_size(&phb->iospace)),
1689 },
1690 {
1691 cpu_to_be32(b_ss(2)), cpu_to_be64(SPAPR_PCI_MEM_WIN_BUS_OFFSET),
1692 cpu_to_be64(phb->mem_win_addr),
1693 cpu_to_be64(w32size),
1694 },
1695 {
1696 cpu_to_be32(b_ss(3)), cpu_to_be64(1ULL << 32),
1697 cpu_to_be64(phb->mem_win_addr + w32size),
1698 cpu_to_be64(w64size)
1699 },
1700 };
1701 const unsigned sizeof_ranges = (w64size ? 3 : 2) * sizeof(ranges[0]);
1702 uint64_t bus_reg[] = { cpu_to_be64(phb->buid), 0 };
1703 uint32_t interrupt_map_mask[] = {
1704 cpu_to_be32(b_ddddd(-1)|b_fff(0)), 0x0, 0x0, cpu_to_be32(-1)};
1705 uint32_t interrupt_map[PCI_SLOT_MAX * PCI_NUM_PINS][7];
1706 sPAPRTCETable *tcet;
1707 PCIBus *bus = PCI_HOST_BRIDGE(phb)->bus;
1708 sPAPRFDT s_fdt;
1709
1710 /* Start populating the FDT */
1711 snprintf(nodename, FDT_NAME_MAX, "pci@%" PRIx64, phb->buid);
1712 bus_off = fdt_add_subnode(fdt, 0, nodename);
1713 if (bus_off < 0) {
1714 return bus_off;
1715 }
1716
1717 /* Write PHB properties */
1718 _FDT(fdt_setprop_string(fdt, bus_off, "device_type", "pci"));
1719 _FDT(fdt_setprop_string(fdt, bus_off, "compatible", "IBM,Logical_PHB"));
1720 _FDT(fdt_setprop_cell(fdt, bus_off, "#address-cells", 0x3));
1721 _FDT(fdt_setprop_cell(fdt, bus_off, "#size-cells", 0x2));
1722 _FDT(fdt_setprop_cell(fdt, bus_off, "#interrupt-cells", 0x1));
1723 _FDT(fdt_setprop(fdt, bus_off, "used-by-rtas", NULL, 0));
1724 _FDT(fdt_setprop(fdt, bus_off, "bus-range", &bus_range, sizeof(bus_range)));
1725 _FDT(fdt_setprop(fdt, bus_off, "ranges", &ranges, sizeof_ranges));
1726 _FDT(fdt_setprop(fdt, bus_off, "reg", &bus_reg, sizeof(bus_reg)));
1727 _FDT(fdt_setprop_cell(fdt, bus_off, "ibm,pci-config-space-type", 0x1));
1728 _FDT(fdt_setprop_cell(fdt, bus_off, "ibm,pe-total-#msi", XICS_IRQS));
1729
1730 /* Build the interrupt-map, this must matches what is done
1731 * in pci_spapr_map_irq
1732 */
1733 _FDT(fdt_setprop(fdt, bus_off, "interrupt-map-mask",
1734 &interrupt_map_mask, sizeof(interrupt_map_mask)));
1735 for (i = 0; i < PCI_SLOT_MAX; i++) {
1736 for (j = 0; j < PCI_NUM_PINS; j++) {
1737 uint32_t *irqmap = interrupt_map[i*PCI_NUM_PINS + j];
1738 int lsi_num = pci_spapr_swizzle(i, j);
1739
1740 irqmap[0] = cpu_to_be32(b_ddddd(i)|b_fff(0));
1741 irqmap[1] = 0;
1742 irqmap[2] = 0;
1743 irqmap[3] = cpu_to_be32(j+1);
1744 irqmap[4] = cpu_to_be32(xics_phandle);
1745 irqmap[5] = cpu_to_be32(phb->lsi_table[lsi_num].irq);
1746 irqmap[6] = cpu_to_be32(0x8);
1747 }
1748 }
1749 /* Write interrupt map */
1750 _FDT(fdt_setprop(fdt, bus_off, "interrupt-map", &interrupt_map,
1751 sizeof(interrupt_map)));
1752
1753 tcet = spapr_tce_find_by_liobn(SPAPR_PCI_LIOBN(phb->index, 0));
1754 spapr_dma_dt(fdt, bus_off, "ibm,dma-window",
1755 tcet->liobn, tcet->bus_offset,
1756 tcet->nb_table << tcet->page_shift);
1757
1758 /* Walk the bridges and program the bus numbers*/
1759 spapr_phb_pci_enumerate(phb);
1760 _FDT(fdt_setprop_cell(fdt, bus_off, "qemu,phb-enumerated", 0x1));
1761
1762 /* Populate tree nodes with PCI devices attached */
1763 s_fdt.fdt = fdt;
1764 s_fdt.node_off = bus_off;
1765 s_fdt.sphb = phb;
1766 pci_for_each_device(bus, pci_bus_num(bus),
1767 spapr_populate_pci_devices_dt,
1768 &s_fdt);
1769
1770 ret = spapr_drc_populate_dt(fdt, bus_off, OBJECT(phb),
1771 SPAPR_DR_CONNECTOR_TYPE_PCI);
1772 if (ret) {
1773 return ret;
1774 }
1775
1776 return 0;
1777 }
1778
1779 void spapr_pci_rtas_init(void)
1780 {
1781 spapr_rtas_register(RTAS_READ_PCI_CONFIG, "read-pci-config",
1782 rtas_read_pci_config);
1783 spapr_rtas_register(RTAS_WRITE_PCI_CONFIG, "write-pci-config",
1784 rtas_write_pci_config);
1785 spapr_rtas_register(RTAS_IBM_READ_PCI_CONFIG, "ibm,read-pci-config",
1786 rtas_ibm_read_pci_config);
1787 spapr_rtas_register(RTAS_IBM_WRITE_PCI_CONFIG, "ibm,write-pci-config",
1788 rtas_ibm_write_pci_config);
1789 if (msi_supported) {
1790 spapr_rtas_register(RTAS_IBM_QUERY_INTERRUPT_SOURCE_NUMBER,
1791 "ibm,query-interrupt-source-number",
1792 rtas_ibm_query_interrupt_source_number);
1793 spapr_rtas_register(RTAS_IBM_CHANGE_MSI, "ibm,change-msi",
1794 rtas_ibm_change_msi);
1795 }
1796
1797 spapr_rtas_register(RTAS_IBM_SET_EEH_OPTION,
1798 "ibm,set-eeh-option",
1799 rtas_ibm_set_eeh_option);
1800 spapr_rtas_register(RTAS_IBM_GET_CONFIG_ADDR_INFO2,
1801 "ibm,get-config-addr-info2",
1802 rtas_ibm_get_config_addr_info2);
1803 spapr_rtas_register(RTAS_IBM_READ_SLOT_RESET_STATE2,
1804 "ibm,read-slot-reset-state2",
1805 rtas_ibm_read_slot_reset_state2);
1806 spapr_rtas_register(RTAS_IBM_SET_SLOT_RESET,
1807 "ibm,set-slot-reset",
1808 rtas_ibm_set_slot_reset);
1809 spapr_rtas_register(RTAS_IBM_CONFIGURE_PE,
1810 "ibm,configure-pe",
1811 rtas_ibm_configure_pe);
1812 spapr_rtas_register(RTAS_IBM_SLOT_ERROR_DETAIL,
1813 "ibm,slot-error-detail",
1814 rtas_ibm_slot_error_detail);
1815 }
1816
1817 static void spapr_pci_register_types(void)
1818 {
1819 type_register_static(&spapr_phb_info);
1820 }
1821
1822 type_init(spapr_pci_register_types)
1823
1824 static int spapr_switch_one_vga(DeviceState *dev, void *opaque)
1825 {
1826 bool be = *(bool *)opaque;
1827
1828 if (object_dynamic_cast(OBJECT(dev), "VGA")
1829 || object_dynamic_cast(OBJECT(dev), "secondary-vga")) {
1830 object_property_set_bool(OBJECT(dev), be, "big-endian-framebuffer",
1831 &error_abort);
1832 }
1833 return 0;
1834 }
1835
1836 void spapr_pci_switch_vga(bool big_endian)
1837 {
1838 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
1839 sPAPRPHBState *sphb;
1840
1841 /*
1842 * For backward compatibility with existing guests, we switch
1843 * the endianness of the VGA controller when changing the guest
1844 * interrupt mode
1845 */
1846 QLIST_FOREACH(sphb, &spapr->phbs, list) {
1847 BusState *bus = &PCI_HOST_BRIDGE(sphb)->bus->qbus;
1848 qbus_walk_children(bus, spapr_switch_one_vga, NULL, NULL, NULL,
1849 &big_endian);
1850 }
1851 }
AR7 emulation for QEMU