2021-09-13 16:07:23 +01:00
|
|
|
/*
|
|
|
|
|
* ITS emulation for a GICv3-based system
|
|
|
|
|
*
|
|
|
|
|
* Copyright Linaro.org 2021
|
|
|
|
|
*
|
|
|
|
|
* Authors:
|
|
|
|
|
* Shashi Mallela <shashi.mallela@linaro.org>
|
|
|
|
|
*
|
|
|
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or (at your
|
|
|
|
|
* option) any later version. See the COPYING file in the top-level directory.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "qemu/osdep.h"
|
|
|
|
|
#include "qemu/log.h"
|
2022-01-22 18:24:32 +00:00
|
|
|
#include "trace.h"
|
2021-09-13 16:07:23 +01:00
|
|
|
#include "hw/qdev-properties.h"
|
|
|
|
|
#include "hw/intc/arm_gicv3_its_common.h"
|
|
|
|
|
#include "gicv3_internal.h"
|
|
|
|
|
#include "qom/object.h"
|
|
|
|
|
#include "qapi/error.h"
|
|
|
|
|
|
|
|
|
|
typedef struct GICv3ITSClass GICv3ITSClass;
|
|
|
|
|
/* This is reusing the GICv3ITSState typedef from ARM_GICV3_ITS_COMMON */
|
|
|
|
|
DECLARE_OBJ_CHECKERS(GICv3ITSState, GICv3ITSClass,
|
|
|
|
|
ARM_GICV3_ITS, TYPE_ARM_GICV3_ITS)
|
|
|
|
|
|
|
|
|
|
struct GICv3ITSClass {
|
|
|
|
|
GICv3ITSCommonClass parent_class;
|
2022-12-14 14:27:12 +00:00
|
|
|
ResettablePhases parent_phases;
|
2021-09-13 16:07:23 +01:00
|
|
|
};
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
/*
|
|
|
|
|
* This is an internal enum used to distinguish between LPI triggered
|
|
|
|
|
* via command queue and LPI triggered via gits_translater write.
|
|
|
|
|
*/
|
|
|
|
|
typedef enum ItsCmdType {
|
|
|
|
|
NONE = 0, /* internal indication for GITS_TRANSLATER write */
|
|
|
|
|
CLEAR = 1,
|
|
|
|
|
DISCARD = 2,
|
|
|
|
|
INTERRUPT = 3,
|
|
|
|
|
} ItsCmdType;
|
|
|
|
|
|
2022-02-01 19:31:56 +00:00
|
|
|
typedef struct DTEntry {
|
|
|
|
|
bool valid;
|
|
|
|
|
unsigned size;
|
|
|
|
|
uint64_t ittaddr;
|
|
|
|
|
} DTEntry;
|
|
|
|
|
|
2022-02-01 19:31:58 +00:00
|
|
|
typedef struct CTEntry {
|
|
|
|
|
bool valid;
|
|
|
|
|
uint32_t rdbase;
|
|
|
|
|
} CTEntry;
|
|
|
|
|
|
2022-02-01 19:32:02 +00:00
|
|
|
typedef struct ITEntry {
|
|
|
|
|
bool valid;
|
|
|
|
|
int inttype;
|
|
|
|
|
uint32_t intid;
|
|
|
|
|
uint32_t doorbell;
|
|
|
|
|
uint32_t icid;
|
|
|
|
|
uint32_t vpeid;
|
|
|
|
|
} ITEntry;
|
|
|
|
|
|
2022-04-08 15:15:18 +01:00
|
|
|
typedef struct VTEntry {
|
|
|
|
|
bool valid;
|
|
|
|
|
unsigned vptsize;
|
|
|
|
|
uint32_t rdbase;
|
|
|
|
|
uint64_t vptaddr;
|
|
|
|
|
} VTEntry;
|
2022-02-01 19:32:02 +00:00
|
|
|
|
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
2022-01-11 17:10:40 +00:00
|
|
|
/*
|
|
|
|
|
* The ITS spec permits a range of CONSTRAINED UNPREDICTABLE options
|
|
|
|
|
* if a command parameter is not correct. These include both "stall
|
|
|
|
|
* processing of the command queue" and "ignore this command, and
|
|
|
|
|
* keep processing the queue". In our implementation we choose that
|
|
|
|
|
* memory transaction errors reading the command packet provoke a
|
|
|
|
|
* stall, but errors in parameters cause us to ignore the command
|
|
|
|
|
* and continue processing.
|
|
|
|
|
* The process_* functions which handle individual ITS commands all
|
|
|
|
|
* return an ItsCmdResult which tells process_cmdq() whether it should
|
2022-04-08 15:15:19 +01:00
|
|
|
* stall, keep going because of an error, or keep going because the
|
|
|
|
|
* command was a success.
|
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
2022-01-11 17:10:40 +00:00
|
|
|
*/
|
|
|
|
|
typedef enum ItsCmdResult {
|
|
|
|
|
CMD_STALL = 0,
|
|
|
|
|
CMD_CONTINUE = 1,
|
2022-04-08 15:15:19 +01:00
|
|
|
CMD_CONTINUE_OK = 2,
|
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
2022-01-11 17:10:40 +00:00
|
|
|
} ItsCmdResult;
|
|
|
|
|
|
2022-04-08 15:15:16 +01:00
|
|
|
/* True if the ITS supports the GICv4 virtual LPI feature */
|
|
|
|
|
static bool its_feature_virtual(GICv3ITSState *s)
|
|
|
|
|
{
|
|
|
|
|
return s->typer & R_GITS_TYPER_VIRTUAL_MASK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:15 +01:00
|
|
|
static inline bool intid_in_lpi_range(uint32_t id)
|
|
|
|
|
{
|
|
|
|
|
return id >= GICV3_LPI_INTID_START &&
|
|
|
|
|
id < (1 << (GICD_TYPER_IDBITS + 1));
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:17 +01:00
|
|
|
static inline bool valid_doorbell(uint32_t id)
|
|
|
|
|
{
|
|
|
|
|
/* Doorbell fields may be an LPI, or 1023 to mean "no doorbell" */
|
|
|
|
|
return id == INTID_SPURIOUS || intid_in_lpi_range(id);
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
static uint64_t baser_base_addr(uint64_t value, uint32_t page_sz)
|
|
|
|
|
{
|
|
|
|
|
uint64_t result = 0;
|
|
|
|
|
|
|
|
|
|
switch (page_sz) {
|
|
|
|
|
case GITS_PAGE_SIZE_4K:
|
|
|
|
|
case GITS_PAGE_SIZE_16K:
|
|
|
|
|
result = FIELD_EX64(value, GITS_BASER, PHYADDR) << 12;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case GITS_PAGE_SIZE_64K:
|
|
|
|
|
result = FIELD_EX64(value, GITS_BASER, PHYADDRL_64K) << 16;
|
|
|
|
|
result |= FIELD_EX64(value, GITS_BASER, PHYADDRH_64K) << 48;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
static uint64_t table_entry_addr(GICv3ITSState *s, TableDesc *td,
|
|
|
|
|
uint32_t idx, MemTxResult *res)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
2022-01-11 17:10:46 +00:00
|
|
|
/*
|
|
|
|
|
* Given a TableDesc describing one of the ITS in-guest-memory
|
|
|
|
|
* tables and an index into it, return the guest address
|
|
|
|
|
* corresponding to that table entry.
|
|
|
|
|
* If there was a memory error reading the L1 table of an
|
|
|
|
|
* indirect table, *res is set accordingly, and we return -1.
|
|
|
|
|
* If the L1 table entry is marked not valid, we return -1 with
|
|
|
|
|
* *res set to MEMTX_OK.
|
|
|
|
|
*
|
|
|
|
|
* The specification defines the format of level 1 entries of a
|
|
|
|
|
* 2-level table, but the format of level 2 entries and the format
|
|
|
|
|
* of flat-mapped tables is IMPDEF.
|
|
|
|
|
*/
|
2021-09-13 16:07:23 +01:00
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
2022-01-11 17:10:46 +00:00
|
|
|
uint32_t l2idx;
|
|
|
|
|
uint64_t l2;
|
2022-01-07 17:08:00 +00:00
|
|
|
uint32_t num_l2_entries;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
*res = MEMTX_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
if (!td->indirect) {
|
|
|
|
|
/* Single level table */
|
|
|
|
|
return td->base_addr + idx * td->entry_sz;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
/* Two level table */
|
|
|
|
|
l2idx = idx / (td->page_sz / L1TABLE_ENTRY_SIZE);
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
l2 = address_space_ldq_le(as,
|
|
|
|
|
td->base_addr + (l2idx * L1TABLE_ENTRY_SIZE),
|
|
|
|
|
MEMTXATTRS_UNSPECIFIED, res);
|
|
|
|
|
if (*res != MEMTX_OK) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (!(l2 & L2_TABLE_VALID_MASK)) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
num_l2_entries = td->page_sz / td->entry_sz;
|
|
|
|
|
return (l2 & ((1ULL << 51) - 1)) + (idx % num_l2_entries) * td->entry_sz;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:31:58 +00:00
|
|
|
/*
|
|
|
|
|
* Read the Collection Table entry at index @icid. On success (including
|
|
|
|
|
* successfully determining that there is no valid CTE for this index),
|
|
|
|
|
* we return MEMTX_OK and populate the CTEntry struct @cte accordingly.
|
|
|
|
|
* If there is an error reading memory then we return the error code.
|
|
|
|
|
*/
|
|
|
|
|
static MemTxResult get_cte(GICv3ITSState *s, uint16_t icid, CTEntry *cte)
|
2022-01-11 17:10:46 +00:00
|
|
|
{
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
2022-02-01 19:31:58 +00:00
|
|
|
MemTxResult res = MEMTX_OK;
|
|
|
|
|
uint64_t entry_addr = table_entry_addr(s, &s->ct, icid, &res);
|
|
|
|
|
uint64_t cteval;
|
2022-01-11 17:10:46 +00:00
|
|
|
|
|
|
|
|
if (entry_addr == -1) {
|
2022-02-01 19:31:58 +00:00
|
|
|
/* No L2 table entry, i.e. no valid CTE, or a memory error */
|
|
|
|
|
cte->valid = false;
|
2022-03-03 20:23:38 +00:00
|
|
|
goto out;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:58 +00:00
|
|
|
cteval = address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
if (res != MEMTX_OK) {
|
2022-03-03 20:23:38 +00:00
|
|
|
goto out;
|
2022-02-01 19:31:58 +00:00
|
|
|
}
|
|
|
|
|
cte->valid = FIELD_EX64(cteval, CTE, VALID);
|
|
|
|
|
cte->rdbase = FIELD_EX64(cteval, CTE, RDBASE);
|
2022-03-03 20:23:38 +00:00
|
|
|
out:
|
|
|
|
|
if (res != MEMTX_OK) {
|
|
|
|
|
trace_gicv3_its_cte_read_fault(icid);
|
|
|
|
|
} else {
|
|
|
|
|
trace_gicv3_its_cte_read(icid, cte->valid, cte->rdbase);
|
|
|
|
|
}
|
|
|
|
|
return res;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:32:03 +00:00
|
|
|
/*
|
|
|
|
|
* Update the Interrupt Table entry at index @evinted in the table specified
|
|
|
|
|
* by the dte @dte. Returns true on success, false if there was a memory
|
|
|
|
|
* access error.
|
|
|
|
|
*/
|
2022-02-01 19:31:56 +00:00
|
|
|
static bool update_ite(GICv3ITSState *s, uint32_t eventid, const DTEntry *dte,
|
2022-02-01 19:32:03 +00:00
|
|
|
const ITEntry *ite)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
|
|
|
|
MemTxResult res = MEMTX_OK;
|
2022-02-01 19:32:00 +00:00
|
|
|
hwaddr iteaddr = dte->ittaddr + eventid * ITS_ITT_ENTRY_SIZE;
|
2022-02-01 19:32:03 +00:00
|
|
|
uint64_t itel = 0;
|
|
|
|
|
uint32_t iteh = 0;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-03-03 20:23:38 +00:00
|
|
|
trace_gicv3_its_ite_write(dte->ittaddr, eventid, ite->valid,
|
|
|
|
|
ite->inttype, ite->intid, ite->icid,
|
|
|
|
|
ite->vpeid, ite->doorbell);
|
|
|
|
|
|
2022-02-01 19:32:03 +00:00
|
|
|
if (ite->valid) {
|
|
|
|
|
itel = FIELD_DP64(itel, ITE_L, VALID, 1);
|
|
|
|
|
itel = FIELD_DP64(itel, ITE_L, INTTYPE, ite->inttype);
|
|
|
|
|
itel = FIELD_DP64(itel, ITE_L, INTID, ite->intid);
|
|
|
|
|
itel = FIELD_DP64(itel, ITE_L, ICID, ite->icid);
|
|
|
|
|
itel = FIELD_DP64(itel, ITE_L, VPEID, ite->vpeid);
|
|
|
|
|
iteh = FIELD_DP32(iteh, ITE_H, DOORBELL, ite->doorbell);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
2022-02-01 19:32:03 +00:00
|
|
|
|
|
|
|
|
address_space_stq_le(as, iteaddr, itel, MEMTXATTRS_UNSPECIFIED, &res);
|
2021-09-13 16:07:23 +01:00
|
|
|
if (res != MEMTX_OK) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2022-02-01 19:32:03 +00:00
|
|
|
address_space_stl_le(as, iteaddr + 8, iteh, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
return res == MEMTX_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:32:02 +00:00
|
|
|
/*
|
|
|
|
|
* Read the Interrupt Table entry at index @eventid from the table specified
|
|
|
|
|
* by the DTE @dte. On success, we return MEMTX_OK and populate the ITEntry
|
|
|
|
|
* struct @ite accordingly. If there is an error reading memory then we return
|
|
|
|
|
* the error code.
|
|
|
|
|
*/
|
|
|
|
|
static MemTxResult get_ite(GICv3ITSState *s, uint32_t eventid,
|
|
|
|
|
const DTEntry *dte, ITEntry *ite)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
2022-02-01 19:32:02 +00:00
|
|
|
MemTxResult res = MEMTX_OK;
|
|
|
|
|
uint64_t itel;
|
|
|
|
|
uint32_t iteh;
|
2022-02-01 19:32:00 +00:00
|
|
|
hwaddr iteaddr = dte->ittaddr + eventid * ITS_ITT_ENTRY_SIZE;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:32:02 +00:00
|
|
|
itel = address_space_ldq_le(as, iteaddr, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
if (res != MEMTX_OK) {
|
2022-03-03 20:23:38 +00:00
|
|
|
trace_gicv3_its_ite_read_fault(dte->ittaddr, eventid);
|
2022-02-01 19:32:02 +00:00
|
|
|
return res;
|
2022-02-01 19:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:32:02 +00:00
|
|
|
iteh = address_space_ldl_le(as, iteaddr + 8, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
if (res != MEMTX_OK) {
|
2022-03-03 20:23:38 +00:00
|
|
|
trace_gicv3_its_ite_read_fault(dte->ittaddr, eventid);
|
2022-02-01 19:32:02 +00:00
|
|
|
return res;
|
2022-02-01 19:32:01 +00:00
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:32:02 +00:00
|
|
|
ite->valid = FIELD_EX64(itel, ITE_L, VALID);
|
|
|
|
|
ite->inttype = FIELD_EX64(itel, ITE_L, INTTYPE);
|
|
|
|
|
ite->intid = FIELD_EX64(itel, ITE_L, INTID);
|
|
|
|
|
ite->icid = FIELD_EX64(itel, ITE_L, ICID);
|
|
|
|
|
ite->vpeid = FIELD_EX64(itel, ITE_L, VPEID);
|
|
|
|
|
ite->doorbell = FIELD_EX64(iteh, ITE_H, DOORBELL);
|
2022-03-03 20:23:38 +00:00
|
|
|
trace_gicv3_its_ite_read(dte->ittaddr, eventid, ite->valid,
|
|
|
|
|
ite->inttype, ite->intid, ite->icid,
|
|
|
|
|
ite->vpeid, ite->doorbell);
|
2022-02-01 19:32:02 +00:00
|
|
|
return MEMTX_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:56 +00:00
|
|
|
/*
|
|
|
|
|
* Read the Device Table entry at index @devid. On success (including
|
|
|
|
|
* successfully determining that there is no valid DTE for this index),
|
|
|
|
|
* we return MEMTX_OK and populate the DTEntry struct accordingly.
|
|
|
|
|
* If there is an error reading memory then we return the error code.
|
|
|
|
|
*/
|
|
|
|
|
static MemTxResult get_dte(GICv3ITSState *s, uint32_t devid, DTEntry *dte)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
2022-02-01 19:31:56 +00:00
|
|
|
MemTxResult res = MEMTX_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
2022-02-01 19:31:56 +00:00
|
|
|
uint64_t entry_addr = table_entry_addr(s, &s->dt, devid, &res);
|
|
|
|
|
uint64_t dteval;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
if (entry_addr == -1) {
|
2022-02-01 19:31:56 +00:00
|
|
|
/* No L2 table entry, i.e. no valid DTE, or a memory error */
|
|
|
|
|
dte->valid = false;
|
2022-03-03 20:23:38 +00:00
|
|
|
goto out;
|
2022-02-01 19:31:56 +00:00
|
|
|
}
|
|
|
|
|
dteval = address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
if (res != MEMTX_OK) {
|
2022-03-03 20:23:38 +00:00
|
|
|
goto out;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
2022-02-01 19:31:56 +00:00
|
|
|
dte->valid = FIELD_EX64(dteval, DTE, VALID);
|
|
|
|
|
dte->size = FIELD_EX64(dteval, DTE, SIZE);
|
|
|
|
|
/* DTE word field stores bits [51:8] of the ITT address */
|
|
|
|
|
dte->ittaddr = FIELD_EX64(dteval, DTE, ITTADDR) << ITTADDR_SHIFT;
|
2022-03-03 20:23:38 +00:00
|
|
|
out:
|
|
|
|
|
if (res != MEMTX_OK) {
|
|
|
|
|
trace_gicv3_its_dte_read_fault(devid);
|
|
|
|
|
} else {
|
|
|
|
|
trace_gicv3_its_dte_read(devid, dte->valid, dte->size, dte->ittaddr);
|
|
|
|
|
}
|
|
|
|
|
return res;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:23 +01:00
|
|
|
/*
|
|
|
|
|
* Read the vPE Table entry at index @vpeid. On success (including
|
|
|
|
|
* successfully determining that there is no valid entry for this index),
|
|
|
|
|
* we return MEMTX_OK and populate the VTEntry struct accordingly.
|
|
|
|
|
* If there is an error reading memory then we return the error code.
|
|
|
|
|
*/
|
|
|
|
|
static MemTxResult get_vte(GICv3ITSState *s, uint32_t vpeid, VTEntry *vte)
|
|
|
|
|
{
|
|
|
|
|
MemTxResult res = MEMTX_OK;
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
|
|
|
|
uint64_t entry_addr = table_entry_addr(s, &s->vpet, vpeid, &res);
|
|
|
|
|
uint64_t vteval;
|
|
|
|
|
|
|
|
|
|
if (entry_addr == -1) {
|
|
|
|
|
/* No L2 table entry, i.e. no valid VTE, or a memory error */
|
|
|
|
|
vte->valid = false;
|
2023-08-31 15:13:48 +02:00
|
|
|
trace_gicv3_its_vte_read_fault(vpeid);
|
|
|
|
|
return MEMTX_OK;
|
2022-04-08 15:15:23 +01:00
|
|
|
}
|
|
|
|
|
vteval = address_space_ldq_le(as, entry_addr, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
if (res != MEMTX_OK) {
|
2023-08-31 15:13:48 +02:00
|
|
|
trace_gicv3_its_vte_read_fault(vpeid);
|
|
|
|
|
return res;
|
2022-04-08 15:15:23 +01:00
|
|
|
}
|
|
|
|
|
vte->valid = FIELD_EX64(vteval, VTE, VALID);
|
|
|
|
|
vte->vptsize = FIELD_EX64(vteval, VTE, VPTSIZE);
|
|
|
|
|
vte->vptaddr = FIELD_EX64(vteval, VTE, VPTADDR);
|
|
|
|
|
vte->rdbase = FIELD_EX64(vteval, VTE, RDBASE);
|
2023-08-31 15:13:48 +02:00
|
|
|
trace_gicv3_its_vte_read(vpeid, vte->valid, vte->vptsize,
|
|
|
|
|
vte->vptaddr, vte->rdbase);
|
2022-04-08 15:15:23 +01:00
|
|
|
return res;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
/*
|
2022-04-08 15:15:20 +01:00
|
|
|
* Given a (DeviceID, EventID), look up the corresponding ITE, including
|
|
|
|
|
* checking for the various invalid-value cases. If we find a valid ITE,
|
|
|
|
|
* fill in @ite and @dte and return CMD_CONTINUE_OK. Otherwise return
|
|
|
|
|
* CMD_STALL or CMD_CONTINUE as appropriate (and the contents of @ite
|
|
|
|
|
* should not be relied on).
|
|
|
|
|
*
|
|
|
|
|
* The string @who is purely for the LOG_GUEST_ERROR messages,
|
|
|
|
|
* and should indicate the name of the calling function or similar.
|
2021-09-13 16:07:23 +01:00
|
|
|
*/
|
2022-04-08 15:15:20 +01:00
|
|
|
static ItsCmdResult lookup_ite(GICv3ITSState *s, const char *who,
|
|
|
|
|
uint32_t devid, uint32_t eventid, ITEntry *ite,
|
|
|
|
|
DTEntry *dte)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
2022-01-11 17:10:36 +00:00
|
|
|
uint64_t num_eventids;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
hw/intc/arm_gicv3_its: Check table bounds against correct limit
Currently when we fill in a TableDesc based on the value the guest
has written to the GITS_BASER<n> register, we calculate both:
* num_entries : the number of entries in the table, constrained
by the amount of memory the guest has given it
* num_ids : the number of IDs we support for this table,
constrained by the implementation choices and the architecture
(eg DeviceIDs are 16 bits, so num_ids is 1 << 16)
When validating ITS commands, however, we check only num_ids,
thus allowing a broken guest to specify table entries that
index off the end of it. This will only corrupt guest memory,
but the ITS is supposed to reject such commands as invalid.
Instead of calculating both num_entries and num_ids, set
num_entries to the minimum of the two limits, and check that.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220122182444.724087-13-peter.maydell@linaro.org
2022-01-22 18:24:42 +00:00
|
|
|
if (devid >= s->dt.num_entries) {
|
2022-01-11 17:10:47 +00:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid command attributes: devid %d>=%d",
|
2022-04-08 15:15:20 +01:00
|
|
|
who, devid, s->dt.num_entries);
|
2022-01-11 17:10:47 +00:00
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
if (get_dte(s, devid, dte) != MEMTX_OK) {
|
2022-01-11 17:10:41 +00:00
|
|
|
return CMD_STALL;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
2022-04-08 15:15:20 +01:00
|
|
|
if (!dte->valid) {
|
2022-01-11 17:10:42 +00:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid command attributes: "
|
2022-04-08 15:15:20 +01:00
|
|
|
"invalid dte for %d\n", who, devid);
|
2022-01-11 17:10:42 +00:00
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
num_eventids = 1ULL << (dte->size + 1);
|
2022-01-11 17:10:47 +00:00
|
|
|
if (eventid >= num_eventids) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid command attributes: eventid %d >= %"
|
2022-04-08 15:15:20 +01:00
|
|
|
PRId64 "\n", who, eventid, num_eventids);
|
2022-01-11 17:10:47 +00:00
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
if (get_ite(s, eventid, dte, ite) != MEMTX_OK) {
|
2022-01-11 17:10:42 +00:00
|
|
|
return CMD_STALL;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
if (!ite->valid) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid command attributes: invalid ITE\n", who);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:21 +01:00
|
|
|
/*
|
|
|
|
|
* Given an ICID, look up the corresponding CTE, including checking for various
|
|
|
|
|
* invalid-value cases. If we find a valid CTE, fill in @cte and return
|
|
|
|
|
* CMD_CONTINUE_OK; otherwise return CMD_STALL or CMD_CONTINUE (and the
|
|
|
|
|
* contents of @cte should not be relied on).
|
|
|
|
|
*
|
|
|
|
|
* The string @who is purely for the LOG_GUEST_ERROR messages,
|
|
|
|
|
* and should indicate the name of the calling function or similar.
|
|
|
|
|
*/
|
|
|
|
|
static ItsCmdResult lookup_cte(GICv3ITSState *s, const char *who,
|
|
|
|
|
uint32_t icid, CTEntry *cte)
|
|
|
|
|
{
|
|
|
|
|
if (icid >= s->ct.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid ICID 0x%x\n", who, icid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (get_cte(s, icid, cte) != MEMTX_OK) {
|
|
|
|
|
return CMD_STALL;
|
|
|
|
|
}
|
|
|
|
|
if (!cte->valid) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid CTE\n", who);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (cte->rdbase >= s->gicv3->num_cpu) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:23 +01:00
|
|
|
/*
|
|
|
|
|
* Given a VPEID, look up the corresponding VTE, including checking
|
|
|
|
|
* for various invalid-value cases. if we find a valid VTE, fill in @vte
|
|
|
|
|
* and return CMD_CONTINUE_OK; otherwise return CMD_STALL or CMD_CONTINUE
|
|
|
|
|
* (and the contents of @vte should not be relied on).
|
|
|
|
|
*
|
|
|
|
|
* The string @who is purely for the LOG_GUEST_ERROR messages,
|
|
|
|
|
* and should indicate the name of the calling function or similar.
|
|
|
|
|
*/
|
|
|
|
|
static ItsCmdResult lookup_vte(GICv3ITSState *s, const char *who,
|
|
|
|
|
uint32_t vpeid, VTEntry *vte)
|
|
|
|
|
{
|
|
|
|
|
if (vpeid >= s->vpet.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid VPEID 0x%x\n", who, vpeid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (get_vte(s, vpeid, vte) != MEMTX_OK) {
|
|
|
|
|
return CMD_STALL;
|
|
|
|
|
}
|
|
|
|
|
if (!vte->valid) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid VTE for VPEID 0x%x\n", who, vpeid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (vte->rdbase >= s->gicv3->num_cpu) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:22 +01:00
|
|
|
static ItsCmdResult process_its_cmd_phys(GICv3ITSState *s, const ITEntry *ite,
|
|
|
|
|
int irqlevel)
|
|
|
|
|
{
|
|
|
|
|
CTEntry cte;
|
|
|
|
|
ItsCmdResult cmdres;
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_cte(s, __func__, ite->icid, &cte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
gicv3_redist_process_lpi(&s->gicv3->cpu[cte.rdbase], ite->intid, irqlevel);
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
2022-04-08 15:15:21 +01:00
|
|
|
|
2022-04-08 15:15:23 +01:00
|
|
|
static ItsCmdResult process_its_cmd_virt(GICv3ITSState *s, const ITEntry *ite,
|
|
|
|
|
int irqlevel)
|
|
|
|
|
{
|
|
|
|
|
VTEntry vte;
|
|
|
|
|
ItsCmdResult cmdres;
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_vte(s, __func__, ite->vpeid, &vte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!intid_in_lpi_range(ite->intid) ||
|
|
|
|
|
ite->intid >= (1ULL << (vte.vptsize + 1))) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "%s: intid 0x%x out of range\n",
|
|
|
|
|
__func__, ite->intid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For QEMU the actual pending of the vLPI is handled in the
|
|
|
|
|
* redistributor code
|
|
|
|
|
*/
|
|
|
|
|
gicv3_redist_process_vlpi(&s->gicv3->cpu[vte.rdbase], ite->intid,
|
|
|
|
|
vte.vptaddr << 16, ite->doorbell, irqlevel);
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
/*
|
|
|
|
|
* This function handles the processing of following commands based on
|
|
|
|
|
* the ItsCmdType parameter passed:-
|
|
|
|
|
* 1. triggering of lpi interrupt translation via ITS INT command
|
|
|
|
|
* 2. triggering of lpi interrupt translation via gits_translater register
|
|
|
|
|
* 3. handling of ITS CLEAR command
|
|
|
|
|
* 4. handling of ITS DISCARD command
|
|
|
|
|
*/
|
|
|
|
|
static ItsCmdResult do_process_its_cmd(GICv3ITSState *s, uint32_t devid,
|
|
|
|
|
uint32_t eventid, ItsCmdType cmd)
|
|
|
|
|
{
|
|
|
|
|
DTEntry dte;
|
|
|
|
|
ITEntry ite;
|
|
|
|
|
ItsCmdResult cmdres;
|
2022-04-08 15:15:22 +01:00
|
|
|
int irqlevel;
|
2022-04-08 15:15:20 +01:00
|
|
|
|
|
|
|
|
cmdres = lookup_ite(s, __func__, devid, eventid, &ite, &dte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:22 +01:00
|
|
|
irqlevel = (cmd == CLEAR || cmd == DISCARD) ? 0 : 1;
|
2022-01-11 17:10:42 +00:00
|
|
|
|
2022-04-08 15:15:22 +01:00
|
|
|
switch (ite.inttype) {
|
|
|
|
|
case ITE_INTTYPE_PHYSICAL:
|
|
|
|
|
cmdres = process_its_cmd_phys(s, &ite, irqlevel);
|
|
|
|
|
break;
|
|
|
|
|
case ITE_INTTYPE_VIRTUAL:
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
/* Can't happen unless guest is illegally writing to table memory */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid type %d in ITE (table corrupted?)\n",
|
|
|
|
|
__func__, ite.inttype);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
2022-04-08 15:15:23 +01:00
|
|
|
cmdres = process_its_cmd_virt(s, &ite, irqlevel);
|
|
|
|
|
break;
|
2022-04-08 15:15:22 +01:00
|
|
|
default:
|
|
|
|
|
g_assert_not_reached();
|
2022-01-11 17:10:42 +00:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:22 +01:00
|
|
|
if (cmdres == CMD_CONTINUE_OK && cmd == DISCARD) {
|
2023-09-22 16:29:41 +01:00
|
|
|
ITEntry i = {};
|
2022-01-11 17:10:42 +00:00
|
|
|
/* remove mapping from interrupt translation table */
|
2023-09-22 16:29:41 +01:00
|
|
|
i.valid = false;
|
|
|
|
|
return update_ite(s, eventid, &dte, &i) ? CMD_CONTINUE_OK : CMD_STALL;
|
2022-01-11 17:10:42 +00:00
|
|
|
}
|
2022-04-08 15:15:19 +01:00
|
|
|
return CMD_CONTINUE_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
2022-04-08 15:15:10 +01:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
static ItsCmdResult process_its_cmd(GICv3ITSState *s, const uint64_t *cmdpkt,
|
|
|
|
|
ItsCmdType cmd)
|
|
|
|
|
{
|
|
|
|
|
uint32_t devid, eventid;
|
|
|
|
|
|
|
|
|
|
devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT;
|
|
|
|
|
eventid = cmdpkt[1] & EVENTID_MASK;
|
2022-03-03 20:23:37 +00:00
|
|
|
switch (cmd) {
|
|
|
|
|
case INTERRUPT:
|
|
|
|
|
trace_gicv3_its_cmd_int(devid, eventid);
|
|
|
|
|
break;
|
|
|
|
|
case CLEAR:
|
|
|
|
|
trace_gicv3_its_cmd_clear(devid, eventid);
|
|
|
|
|
break;
|
|
|
|
|
case DISCARD:
|
|
|
|
|
trace_gicv3_its_cmd_discard(devid, eventid);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
}
|
2022-02-01 19:31:55 +00:00
|
|
|
return do_process_its_cmd(s, devid, eventid, cmd);
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
static ItsCmdResult process_mapti(GICv3ITSState *s, const uint64_t *cmdpkt,
|
|
|
|
|
bool ignore_pInt)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
uint32_t devid, eventid;
|
|
|
|
|
uint32_t pIntid = 0;
|
2022-01-11 17:10:36 +00:00
|
|
|
uint64_t num_eventids;
|
2021-09-13 16:07:23 +01:00
|
|
|
uint16_t icid = 0;
|
2022-02-01 19:31:56 +00:00
|
|
|
DTEntry dte;
|
2022-02-01 19:32:03 +00:00
|
|
|
ITEntry ite;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT;
|
|
|
|
|
eventid = cmdpkt[1] & EVENTID_MASK;
|
2022-03-03 20:23:37 +00:00
|
|
|
icid = cmdpkt[2] & ICID_MASK;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-07 17:07:59 +00:00
|
|
|
if (ignore_pInt) {
|
|
|
|
|
pIntid = eventid;
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_mapi(devid, eventid, icid);
|
2022-01-07 17:07:59 +00:00
|
|
|
} else {
|
2022-02-01 19:31:55 +00:00
|
|
|
pIntid = (cmdpkt[1] & pINTID_MASK) >> pINTID_SHIFT;
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_mapti(devid, eventid, icid, pIntid);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
hw/intc/arm_gicv3_its: Check table bounds against correct limit
Currently when we fill in a TableDesc based on the value the guest
has written to the GITS_BASER<n> register, we calculate both:
* num_entries : the number of entries in the table, constrained
by the amount of memory the guest has given it
* num_ids : the number of IDs we support for this table,
constrained by the implementation choices and the architecture
(eg DeviceIDs are 16 bits, so num_ids is 1 << 16)
When validating ITS commands, however, we check only num_ids,
thus allowing a broken guest to specify table entries that
index off the end of it. This will only corrupt guest memory,
but the ITS is supposed to reject such commands as invalid.
Instead of calculating both num_entries and num_ids, set
num_entries to the minimum of the two limits, and check that.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220122182444.724087-13-peter.maydell@linaro.org
2022-01-22 18:24:42 +00:00
|
|
|
if (devid >= s->dt.num_entries) {
|
2022-01-11 17:10:47 +00:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid command attributes: devid %d>=%d",
|
hw/intc/arm_gicv3_its: Check table bounds against correct limit
Currently when we fill in a TableDesc based on the value the guest
has written to the GITS_BASER<n> register, we calculate both:
* num_entries : the number of entries in the table, constrained
by the amount of memory the guest has given it
* num_ids : the number of IDs we support for this table,
constrained by the implementation choices and the architecture
(eg DeviceIDs are 16 bits, so num_ids is 1 << 16)
When validating ITS commands, however, we check only num_ids,
thus allowing a broken guest to specify table entries that
index off the end of it. This will only corrupt guest memory,
but the ITS is supposed to reject such commands as invalid.
Instead of calculating both num_entries and num_ids, set
num_entries to the minimum of the two limits, and check that.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220122182444.724087-13-peter.maydell@linaro.org
2022-01-22 18:24:42 +00:00
|
|
|
__func__, devid, s->dt.num_entries);
|
2022-01-11 17:10:47 +00:00
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:56 +00:00
|
|
|
if (get_dte(s, devid, &dte) != MEMTX_OK) {
|
2022-01-11 17:10:43 +00:00
|
|
|
return CMD_STALL;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
2022-02-01 19:31:56 +00:00
|
|
|
num_eventids = 1ULL << (dte.size + 1);
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:32:07 +00:00
|
|
|
if (icid >= s->ct.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid ICID 0x%x >= 0x%x\n",
|
|
|
|
|
__func__, icid, s->ct.num_entries);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!dte.valid) {
|
2021-09-13 16:07:23 +01:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
2022-02-01 19:32:07 +00:00
|
|
|
"%s: no valid DTE for devid 0x%x\n", __func__, devid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (eventid >= num_eventids) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid event ID 0x%x >= 0x%" PRIx64 "\n",
|
|
|
|
|
__func__, eventid, num_eventids);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:15 +01:00
|
|
|
if (!intid_in_lpi_range(pIntid)) {
|
2022-02-01 19:32:07 +00:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid interrupt ID 0x%x\n", __func__, pIntid);
|
2022-01-11 17:10:43 +00:00
|
|
|
return CMD_CONTINUE;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-01-11 17:10:43 +00:00
|
|
|
/* add ite entry to interrupt translation table */
|
2022-02-01 19:32:03 +00:00
|
|
|
ite.valid = true;
|
|
|
|
|
ite.inttype = ITE_INTTYPE_PHYSICAL;
|
|
|
|
|
ite.intid = pIntid;
|
|
|
|
|
ite.icid = icid;
|
|
|
|
|
ite.doorbell = INTID_SPURIOUS;
|
|
|
|
|
ite.vpeid = 0;
|
2022-04-08 15:15:19 +01:00
|
|
|
return update_ite(s, eventid, &dte, &ite) ? CMD_CONTINUE_OK : CMD_STALL;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:17 +01:00
|
|
|
static ItsCmdResult process_vmapti(GICv3ITSState *s, const uint64_t *cmdpkt,
|
|
|
|
|
bool ignore_vintid)
|
|
|
|
|
{
|
|
|
|
|
uint32_t devid, eventid, vintid, doorbell, vpeid;
|
|
|
|
|
uint32_t num_eventids;
|
|
|
|
|
DTEntry dte;
|
|
|
|
|
ITEntry ite;
|
|
|
|
|
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
devid = FIELD_EX64(cmdpkt[0], VMAPTI_0, DEVICEID);
|
|
|
|
|
eventid = FIELD_EX64(cmdpkt[1], VMAPTI_1, EVENTID);
|
|
|
|
|
vpeid = FIELD_EX64(cmdpkt[1], VMAPTI_1, VPEID);
|
|
|
|
|
doorbell = FIELD_EX64(cmdpkt[2], VMAPTI_2, DOORBELL);
|
|
|
|
|
if (ignore_vintid) {
|
|
|
|
|
vintid = eventid;
|
|
|
|
|
trace_gicv3_its_cmd_vmapi(devid, eventid, vpeid, doorbell);
|
|
|
|
|
} else {
|
|
|
|
|
vintid = FIELD_EX64(cmdpkt[2], VMAPTI_2, VINTID);
|
|
|
|
|
trace_gicv3_its_cmd_vmapti(devid, eventid, vpeid, vintid, doorbell);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (devid >= s->dt.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid DeviceID 0x%x (must be less than 0x%x)\n",
|
|
|
|
|
__func__, devid, s->dt.num_entries);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (get_dte(s, devid, &dte) != MEMTX_OK) {
|
|
|
|
|
return CMD_STALL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!dte.valid) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: no entry in device table for DeviceID 0x%x\n",
|
|
|
|
|
__func__, devid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
num_eventids = 1ULL << (dte.size + 1);
|
|
|
|
|
|
|
|
|
|
if (eventid >= num_eventids) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: EventID 0x%x too large for DeviceID 0x%x "
|
|
|
|
|
"(must be less than 0x%x)\n",
|
|
|
|
|
__func__, eventid, devid, num_eventids);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (!intid_in_lpi_range(vintid)) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: VIntID 0x%x not a valid LPI\n",
|
|
|
|
|
__func__, vintid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (!valid_doorbell(doorbell)) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: Doorbell %d not 1023 and not a valid LPI\n",
|
|
|
|
|
__func__, doorbell);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (vpeid >= s->vpet.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: VPEID 0x%x out of range (must be less than 0x%x)\n",
|
|
|
|
|
__func__, vpeid, s->vpet.num_entries);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
/* add ite entry to interrupt translation table */
|
|
|
|
|
ite.valid = true;
|
|
|
|
|
ite.inttype = ITE_INTTYPE_VIRTUAL;
|
|
|
|
|
ite.intid = vintid;
|
|
|
|
|
ite.icid = 0;
|
|
|
|
|
ite.doorbell = doorbell;
|
|
|
|
|
ite.vpeid = vpeid;
|
2022-04-08 15:15:19 +01:00
|
|
|
return update_ite(s, eventid, &dte, &ite) ? CMD_CONTINUE_OK : CMD_STALL;
|
2022-04-08 15:15:17 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:59 +00:00
|
|
|
/*
|
|
|
|
|
* Update the Collection Table entry for @icid to @cte. Returns true
|
|
|
|
|
* on success, false if there was a memory access error.
|
|
|
|
|
*/
|
|
|
|
|
static bool update_cte(GICv3ITSState *s, uint16_t icid, const CTEntry *cte)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
2022-01-11 17:10:46 +00:00
|
|
|
uint64_t entry_addr;
|
2022-02-01 19:31:59 +00:00
|
|
|
uint64_t cteval = 0;
|
2021-09-13 16:07:23 +01:00
|
|
|
MemTxResult res = MEMTX_OK;
|
|
|
|
|
|
2022-03-03 20:23:38 +00:00
|
|
|
trace_gicv3_its_cte_write(icid, cte->valid, cte->rdbase);
|
|
|
|
|
|
2022-02-01 19:31:59 +00:00
|
|
|
if (cte->valid) {
|
2021-09-13 16:07:23 +01:00
|
|
|
/* add mapping entry to collection table */
|
2022-02-01 19:31:59 +00:00
|
|
|
cteval = FIELD_DP64(cteval, CTE, VALID, 1);
|
|
|
|
|
cteval = FIELD_DP64(cteval, CTE, RDBASE, cte->rdbase);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
entry_addr = table_entry_addr(s, &s->ct, icid, &res);
|
2021-09-13 16:07:23 +01:00
|
|
|
if (res != MEMTX_OK) {
|
2022-01-11 17:10:46 +00:00
|
|
|
/* memory access error: stall */
|
2021-09-13 16:07:23 +01:00
|
|
|
return false;
|
2022-01-11 17:10:46 +00:00
|
|
|
}
|
|
|
|
|
if (entry_addr == -1) {
|
|
|
|
|
/* No L2 table for this index: discard write and continue */
|
2021-09-13 16:07:23 +01:00
|
|
|
return true;
|
|
|
|
|
}
|
2022-01-11 17:10:46 +00:00
|
|
|
|
2022-02-01 19:31:59 +00:00
|
|
|
address_space_stq_le(as, entry_addr, cteval, MEMTXATTRS_UNSPECIFIED, &res);
|
2022-01-11 17:10:46 +00:00
|
|
|
return res == MEMTX_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
static ItsCmdResult process_mapc(GICv3ITSState *s, const uint64_t *cmdpkt)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
uint16_t icid;
|
2022-02-01 19:31:59 +00:00
|
|
|
CTEntry cte;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
icid = cmdpkt[2] & ICID_MASK;
|
2022-02-01 19:31:59 +00:00
|
|
|
cte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK;
|
2022-02-01 19:32:05 +00:00
|
|
|
if (cte.valid) {
|
|
|
|
|
cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT;
|
|
|
|
|
cte.rdbase &= RDBASE_PROCNUM_MASK;
|
|
|
|
|
} else {
|
|
|
|
|
cte.rdbase = 0;
|
|
|
|
|
}
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_mapc(icid, cte.rdbase, cte.valid);
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:32:05 +00:00
|
|
|
if (icid >= s->ct.num_entries) {
|
2022-03-25 14:41:06 +00:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "ITS MAPC: invalid ICID 0x%x\n", icid);
|
2022-02-01 19:32:05 +00:00
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (cte.valid && cte.rdbase >= s->gicv3->num_cpu) {
|
2021-09-13 16:07:23 +01:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
2022-03-25 14:41:06 +00:00
|
|
|
"ITS MAPC: invalid RDBASE %u\n", cte.rdbase);
|
2022-01-11 17:10:44 +00:00
|
|
|
return CMD_CONTINUE;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:19 +01:00
|
|
|
return update_cte(s, icid, &cte) ? CMD_CONTINUE_OK : CMD_STALL;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:57 +00:00
|
|
|
/*
|
|
|
|
|
* Update the Device Table entry for @devid to @dte. Returns true
|
|
|
|
|
* on success, false if there was a memory access error.
|
|
|
|
|
*/
|
|
|
|
|
static bool update_dte(GICv3ITSState *s, uint32_t devid, const DTEntry *dte)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
2022-01-11 17:10:46 +00:00
|
|
|
uint64_t entry_addr;
|
2022-02-01 19:31:57 +00:00
|
|
|
uint64_t dteval = 0;
|
2021-09-13 16:07:23 +01:00
|
|
|
MemTxResult res = MEMTX_OK;
|
|
|
|
|
|
2022-03-03 20:23:38 +00:00
|
|
|
trace_gicv3_its_dte_write(devid, dte->valid, dte->size, dte->ittaddr);
|
|
|
|
|
|
2022-02-01 19:32:04 +00:00
|
|
|
if (dte->valid) {
|
|
|
|
|
/* add mapping entry to device table */
|
|
|
|
|
dteval = FIELD_DP64(dteval, DTE, VALID, 1);
|
|
|
|
|
dteval = FIELD_DP64(dteval, DTE, SIZE, dte->size);
|
|
|
|
|
dteval = FIELD_DP64(dteval, DTE, ITTADDR, dte->ittaddr);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-01-11 17:10:46 +00:00
|
|
|
entry_addr = table_entry_addr(s, &s->dt, devid, &res);
|
2021-09-13 16:07:23 +01:00
|
|
|
if (res != MEMTX_OK) {
|
2022-01-11 17:10:46 +00:00
|
|
|
/* memory access error: stall */
|
2021-09-13 16:07:23 +01:00
|
|
|
return false;
|
2022-01-11 17:10:46 +00:00
|
|
|
}
|
|
|
|
|
if (entry_addr == -1) {
|
|
|
|
|
/* No L2 table for this index: discard write and continue */
|
2021-09-13 16:07:23 +01:00
|
|
|
return true;
|
|
|
|
|
}
|
2022-02-01 19:31:57 +00:00
|
|
|
address_space_stq_le(as, entry_addr, dteval, MEMTXATTRS_UNSPECIFIED, &res);
|
2022-01-11 17:10:46 +00:00
|
|
|
return res == MEMTX_OK;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
static ItsCmdResult process_mapd(GICv3ITSState *s, const uint64_t *cmdpkt)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
|
|
|
|
uint32_t devid;
|
2022-02-01 19:31:57 +00:00
|
|
|
DTEntry dte;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
devid = (cmdpkt[0] & DEVID_MASK) >> DEVID_SHIFT;
|
2022-02-01 19:31:57 +00:00
|
|
|
dte.size = cmdpkt[1] & SIZE_MASK;
|
|
|
|
|
dte.ittaddr = (cmdpkt[2] & ITTADDR_MASK) >> ITTADDR_SHIFT;
|
|
|
|
|
dte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_mapd(devid, dte.size, dte.ittaddr, dte.valid);
|
|
|
|
|
|
2022-02-01 19:32:07 +00:00
|
|
|
if (devid >= s->dt.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"ITS MAPD: invalid device ID field 0x%x >= 0x%x\n",
|
|
|
|
|
devid, s->dt.num_entries);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (dte.size > FIELD_EX64(s->typer, GITS_TYPER, IDBITS)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
2022-02-01 19:32:07 +00:00
|
|
|
"ITS MAPD: invalid size %d\n", dte.size);
|
2022-01-11 17:10:45 +00:00
|
|
|
return CMD_CONTINUE;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:19 +01:00
|
|
|
return update_dte(s, devid, &dte) ? CMD_CONTINUE_OK : CMD_STALL;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
static ItsCmdResult process_movall(GICv3ITSState *s, const uint64_t *cmdpkt)
|
2022-01-22 18:24:43 +00:00
|
|
|
{
|
|
|
|
|
uint64_t rd1, rd2;
|
|
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
rd1 = FIELD_EX64(cmdpkt[2], MOVALL_2, RDBASE1);
|
|
|
|
|
rd2 = FIELD_EX64(cmdpkt[3], MOVALL_3, RDBASE2);
|
2022-01-22 18:24:43 +00:00
|
|
|
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_movall(rd1, rd2);
|
|
|
|
|
|
2022-01-22 18:24:43 +00:00
|
|
|
if (rd1 >= s->gicv3->num_cpu) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: RDBASE1 %" PRId64
|
|
|
|
|
" out of range (must be less than %d)\n",
|
|
|
|
|
__func__, rd1, s->gicv3->num_cpu);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
if (rd2 >= s->gicv3->num_cpu) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: RDBASE2 %" PRId64
|
|
|
|
|
" out of range (must be less than %d)\n",
|
|
|
|
|
__func__, rd2, s->gicv3->num_cpu);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (rd1 == rd2) {
|
|
|
|
|
/* Move to same target must succeed as a no-op */
|
2022-04-08 15:15:19 +01:00
|
|
|
return CMD_CONTINUE_OK;
|
2022-01-22 18:24:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Move all pending LPIs from redistributor 1 to redistributor 2 */
|
|
|
|
|
gicv3_redist_movall_lpis(&s->gicv3->cpu[rd1], &s->gicv3->cpu[rd2]);
|
|
|
|
|
|
2022-04-08 15:15:19 +01:00
|
|
|
return CMD_CONTINUE_OK;
|
2022-01-22 18:24:43 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
static ItsCmdResult process_movi(GICv3ITSState *s, const uint64_t *cmdpkt)
|
2022-01-22 18:24:44 +00:00
|
|
|
{
|
2022-02-01 19:32:02 +00:00
|
|
|
uint32_t devid, eventid;
|
|
|
|
|
uint16_t new_icid;
|
2022-02-01 19:31:56 +00:00
|
|
|
DTEntry dte;
|
2022-02-01 19:31:58 +00:00
|
|
|
CTEntry old_cte, new_cte;
|
2022-02-01 19:32:02 +00:00
|
|
|
ITEntry old_ite;
|
2022-04-08 15:15:20 +01:00
|
|
|
ItsCmdResult cmdres;
|
2022-01-22 18:24:44 +00:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
devid = FIELD_EX64(cmdpkt[0], MOVI_0, DEVICEID);
|
|
|
|
|
eventid = FIELD_EX64(cmdpkt[1], MOVI_1, EVENTID);
|
|
|
|
|
new_icid = FIELD_EX64(cmdpkt[2], MOVI_2, ICID);
|
2022-01-22 18:24:44 +00:00
|
|
|
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_movi(devid, eventid, new_icid);
|
|
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
cmdres = lookup_ite(s, __func__, devid, eventid, &old_ite, &dte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
2022-01-22 18:24:44 +00:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:20 +01:00
|
|
|
if (old_ite.inttype != ITE_INTTYPE_PHYSICAL) {
|
2022-01-22 18:24:44 +00:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid command attributes: invalid ITE\n",
|
|
|
|
|
__func__);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:21 +01:00
|
|
|
cmdres = lookup_cte(s, __func__, old_ite.icid, &old_cte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
2022-01-22 18:24:44 +00:00
|
|
|
}
|
2022-04-08 15:15:21 +01:00
|
|
|
cmdres = lookup_cte(s, __func__, new_icid, &new_cte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
2022-01-22 18:24:44 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-01 19:31:58 +00:00
|
|
|
if (old_cte.rdbase != new_cte.rdbase) {
|
2022-01-22 18:24:44 +00:00
|
|
|
/* Move the LPI from the old redistributor to the new one */
|
2022-02-01 19:31:58 +00:00
|
|
|
gicv3_redist_mov_lpi(&s->gicv3->cpu[old_cte.rdbase],
|
|
|
|
|
&s->gicv3->cpu[new_cte.rdbase],
|
2022-02-01 19:32:02 +00:00
|
|
|
old_ite.intid);
|
2022-01-22 18:24:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Update the ICID field in the interrupt translation table entry */
|
2022-02-01 19:32:03 +00:00
|
|
|
old_ite.icid = new_icid;
|
2022-04-08 15:15:19 +01:00
|
|
|
return update_ite(s, eventid, &dte, &old_ite) ? CMD_CONTINUE_OK : CMD_STALL;
|
2022-01-22 18:24:44 +00:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:18 +01:00
|
|
|
/*
|
|
|
|
|
* Update the vPE Table entry at index @vpeid with the entry @vte.
|
|
|
|
|
* Returns true on success, false if there was a memory access error.
|
|
|
|
|
*/
|
|
|
|
|
static bool update_vte(GICv3ITSState *s, uint32_t vpeid, const VTEntry *vte)
|
|
|
|
|
{
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
|
|
|
|
uint64_t entry_addr;
|
|
|
|
|
uint64_t vteval = 0;
|
|
|
|
|
MemTxResult res = MEMTX_OK;
|
|
|
|
|
|
|
|
|
|
trace_gicv3_its_vte_write(vpeid, vte->valid, vte->vptsize, vte->vptaddr,
|
|
|
|
|
vte->rdbase);
|
|
|
|
|
|
|
|
|
|
if (vte->valid) {
|
|
|
|
|
vteval = FIELD_DP64(vteval, VTE, VALID, 1);
|
|
|
|
|
vteval = FIELD_DP64(vteval, VTE, VPTSIZE, vte->vptsize);
|
|
|
|
|
vteval = FIELD_DP64(vteval, VTE, VPTADDR, vte->vptaddr);
|
|
|
|
|
vteval = FIELD_DP64(vteval, VTE, RDBASE, vte->rdbase);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
entry_addr = table_entry_addr(s, &s->vpet, vpeid, &res);
|
|
|
|
|
if (res != MEMTX_OK) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (entry_addr == -1) {
|
|
|
|
|
/* No L2 table for this index: discard write and continue */
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
address_space_stq_le(as, entry_addr, vteval, MEMTXATTRS_UNSPECIFIED, &res);
|
|
|
|
|
return res == MEMTX_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static ItsCmdResult process_vmapp(GICv3ITSState *s, const uint64_t *cmdpkt)
|
|
|
|
|
{
|
|
|
|
|
VTEntry vte;
|
|
|
|
|
uint32_t vpeid;
|
|
|
|
|
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vpeid = FIELD_EX64(cmdpkt[1], VMAPP_1, VPEID);
|
|
|
|
|
vte.rdbase = FIELD_EX64(cmdpkt[2], VMAPP_2, RDBASE);
|
|
|
|
|
vte.valid = FIELD_EX64(cmdpkt[2], VMAPP_2, V);
|
|
|
|
|
vte.vptsize = FIELD_EX64(cmdpkt[3], VMAPP_3, VPTSIZE);
|
|
|
|
|
vte.vptaddr = FIELD_EX64(cmdpkt[3], VMAPP_3, VPTADDR);
|
|
|
|
|
|
|
|
|
|
trace_gicv3_its_cmd_vmapp(vpeid, vte.rdbase, vte.valid,
|
|
|
|
|
vte.vptaddr, vte.vptsize);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For GICv4.0 the VPT_size field is only 5 bits, whereas we
|
|
|
|
|
* define our field macros to include the full GICv4.1 8 bits.
|
|
|
|
|
* The range check on VPT_size will catch the cases where
|
|
|
|
|
* the guest set the RES0-in-GICv4.0 bits [7:6].
|
|
|
|
|
*/
|
|
|
|
|
if (vte.vptsize > FIELD_EX64(s->typer, GITS_TYPER, IDBITS)) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid VPT_size 0x%x\n", __func__, vte.vptsize);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (vte.valid && vte.rdbase >= s->gicv3->num_cpu) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid rdbase 0x%x\n", __func__, vte.rdbase);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (vpeid >= s->vpet.num_entries) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: VPEID 0x%x out of range (must be less than 0x%x)\n",
|
|
|
|
|
__func__, vpeid, s->vpet.num_entries);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:19 +01:00
|
|
|
return update_vte(s, vpeid, &vte) ? CMD_CONTINUE_OK : CMD_STALL;
|
2022-04-08 15:15:18 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:25 +01:00
|
|
|
typedef struct VmovpCallbackData {
|
|
|
|
|
uint64_t rdbase;
|
|
|
|
|
uint32_t vpeid;
|
|
|
|
|
/*
|
|
|
|
|
* Overall command result. If more than one callback finds an
|
|
|
|
|
* error, STALL beats CONTINUE.
|
|
|
|
|
*/
|
|
|
|
|
ItsCmdResult result;
|
|
|
|
|
} VmovpCallbackData;
|
|
|
|
|
|
|
|
|
|
static void vmovp_callback(gpointer data, gpointer opaque)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* This function is called to update the VPEID field in a VPE
|
|
|
|
|
* table entry for this ITS. This might be because of a VMOVP
|
|
|
|
|
* command executed on any ITS that is connected to the same GIC
|
|
|
|
|
* as this ITS. We need to read the VPE table entry for the VPEID
|
|
|
|
|
* and update its RDBASE field.
|
|
|
|
|
*/
|
|
|
|
|
GICv3ITSState *s = data;
|
|
|
|
|
VmovpCallbackData *cbdata = opaque;
|
|
|
|
|
VTEntry vte;
|
|
|
|
|
ItsCmdResult cmdres;
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_vte(s, __func__, cbdata->vpeid, &vte);
|
|
|
|
|
switch (cmdres) {
|
|
|
|
|
case CMD_STALL:
|
|
|
|
|
cbdata->result = CMD_STALL;
|
|
|
|
|
return;
|
|
|
|
|
case CMD_CONTINUE:
|
|
|
|
|
if (cbdata->result != CMD_STALL) {
|
|
|
|
|
cbdata->result = CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
case CMD_CONTINUE_OK:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vte.rdbase = cbdata->rdbase;
|
|
|
|
|
if (!update_vte(s, cbdata->vpeid, &vte)) {
|
|
|
|
|
cbdata->result = CMD_STALL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static ItsCmdResult process_vmovp(GICv3ITSState *s, const uint64_t *cmdpkt)
|
|
|
|
|
{
|
|
|
|
|
VmovpCallbackData cbdata;
|
|
|
|
|
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cbdata.vpeid = FIELD_EX64(cmdpkt[1], VMOVP_1, VPEID);
|
|
|
|
|
cbdata.rdbase = FIELD_EX64(cmdpkt[2], VMOVP_2, RDBASE);
|
|
|
|
|
|
|
|
|
|
trace_gicv3_its_cmd_vmovp(cbdata.vpeid, cbdata.rdbase);
|
|
|
|
|
|
|
|
|
|
if (cbdata.rdbase >= s->gicv3->num_cpu) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Our ITS implementation reports GITS_TYPER.VMOVP == 1, which means
|
|
|
|
|
* that when the VMOVP command is executed on an ITS to change the
|
|
|
|
|
* VPEID field in a VPE table entry the change must be propagated
|
|
|
|
|
* to all the ITSes connected to the same GIC.
|
|
|
|
|
*/
|
|
|
|
|
cbdata.result = CMD_CONTINUE_OK;
|
|
|
|
|
gicv3_foreach_its(s->gicv3, vmovp_callback, &cbdata);
|
|
|
|
|
return cbdata.result;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:29 +01:00
|
|
|
static ItsCmdResult process_vmovi(GICv3ITSState *s, const uint64_t *cmdpkt)
|
|
|
|
|
{
|
|
|
|
|
uint32_t devid, eventid, vpeid, doorbell;
|
|
|
|
|
bool doorbell_valid;
|
|
|
|
|
DTEntry dte;
|
|
|
|
|
ITEntry ite;
|
|
|
|
|
VTEntry old_vte, new_vte;
|
|
|
|
|
ItsCmdResult cmdres;
|
|
|
|
|
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
devid = FIELD_EX64(cmdpkt[0], VMOVI_0, DEVICEID);
|
|
|
|
|
eventid = FIELD_EX64(cmdpkt[1], VMOVI_1, EVENTID);
|
|
|
|
|
vpeid = FIELD_EX64(cmdpkt[1], VMOVI_1, VPEID);
|
|
|
|
|
doorbell_valid = FIELD_EX64(cmdpkt[2], VMOVI_2, D);
|
|
|
|
|
doorbell = FIELD_EX64(cmdpkt[2], VMOVI_2, DOORBELL);
|
|
|
|
|
|
|
|
|
|
trace_gicv3_its_cmd_vmovi(devid, eventid, vpeid, doorbell_valid, doorbell);
|
|
|
|
|
|
|
|
|
|
if (doorbell_valid && !valid_doorbell(doorbell)) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid doorbell 0x%x\n", __func__, doorbell);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_ite(s, __func__, devid, eventid, &ite, &dte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (ite.inttype != ITE_INTTYPE_VIRTUAL) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "%s: ITE is not for virtual interrupt\n",
|
|
|
|
|
__func__);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_vte(s, __func__, ite.vpeid, &old_vte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
cmdres = lookup_vte(s, __func__, vpeid, &new_vte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!intid_in_lpi_range(ite.intid) ||
|
|
|
|
|
ite.intid >= (1ULL << (old_vte.vptsize + 1)) ||
|
|
|
|
|
ite.intid >= (1ULL << (new_vte.vptsize + 1))) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: ITE intid 0x%x out of range\n",
|
|
|
|
|
__func__, ite.intid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ite.vpeid = vpeid;
|
|
|
|
|
if (doorbell_valid) {
|
|
|
|
|
ite.doorbell = doorbell;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Move the LPI from the old redistributor to the new one. We don't
|
|
|
|
|
* need to do anything if the guest somehow specified the
|
|
|
|
|
* same pending table for source and destination.
|
|
|
|
|
*/
|
|
|
|
|
if (old_vte.vptaddr != new_vte.vptaddr) {
|
|
|
|
|
gicv3_redist_mov_vlpi(&s->gicv3->cpu[old_vte.rdbase],
|
|
|
|
|
old_vte.vptaddr << 16,
|
|
|
|
|
&s->gicv3->cpu[new_vte.rdbase],
|
|
|
|
|
new_vte.vptaddr << 16,
|
|
|
|
|
ite.intid,
|
|
|
|
|
ite.doorbell);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Update the ITE to the new VPEID and possibly doorbell values */
|
|
|
|
|
return update_ite(s, eventid, &dte, &ite) ? CMD_CONTINUE_OK : CMD_STALL;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:30 +01:00
|
|
|
static ItsCmdResult process_vinvall(GICv3ITSState *s, const uint64_t *cmdpkt)
|
|
|
|
|
{
|
|
|
|
|
VTEntry vte;
|
|
|
|
|
uint32_t vpeid;
|
|
|
|
|
ItsCmdResult cmdres;
|
|
|
|
|
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vpeid = FIELD_EX64(cmdpkt[1], VINVALL_1, VPEID);
|
|
|
|
|
|
|
|
|
|
trace_gicv3_its_cmd_vinvall(vpeid);
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_vte(s, __func__, vpeid, &vte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gicv3_redist_vinvall(&s->gicv3->cpu[vte.rdbase], vte.vptaddr << 16);
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:27 +01:00
|
|
|
static ItsCmdResult process_inv(GICv3ITSState *s, const uint64_t *cmdpkt)
|
|
|
|
|
{
|
|
|
|
|
uint32_t devid, eventid;
|
|
|
|
|
ITEntry ite;
|
|
|
|
|
DTEntry dte;
|
|
|
|
|
CTEntry cte;
|
2022-04-08 15:15:28 +01:00
|
|
|
VTEntry vte;
|
2022-04-08 15:15:27 +01:00
|
|
|
ItsCmdResult cmdres;
|
|
|
|
|
|
|
|
|
|
devid = FIELD_EX64(cmdpkt[0], INV_0, DEVICEID);
|
|
|
|
|
eventid = FIELD_EX64(cmdpkt[1], INV_1, EVENTID);
|
|
|
|
|
|
|
|
|
|
trace_gicv3_its_cmd_inv(devid, eventid);
|
|
|
|
|
|
|
|
|
|
cmdres = lookup_ite(s, __func__, devid, eventid, &ite, &dte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch (ite.inttype) {
|
|
|
|
|
case ITE_INTTYPE_PHYSICAL:
|
|
|
|
|
cmdres = lookup_cte(s, __func__, ite.icid, &cte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
gicv3_redist_inv_lpi(&s->gicv3->cpu[cte.rdbase], ite.intid);
|
|
|
|
|
break;
|
|
|
|
|
case ITE_INTTYPE_VIRTUAL:
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
/* Can't happen unless guest is illegally writing to table memory */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid type %d in ITE (table corrupted?)\n",
|
|
|
|
|
__func__, ite.inttype);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
2022-04-08 15:15:28 +01:00
|
|
|
|
|
|
|
|
cmdres = lookup_vte(s, __func__, ite.vpeid, &vte);
|
|
|
|
|
if (cmdres != CMD_CONTINUE_OK) {
|
|
|
|
|
return cmdres;
|
|
|
|
|
}
|
|
|
|
|
if (!intid_in_lpi_range(ite.intid) ||
|
|
|
|
|
ite.intid >= (1ULL << (vte.vptsize + 1))) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR, "%s: intid 0x%x out of range\n",
|
|
|
|
|
__func__, ite.intid);
|
|
|
|
|
return CMD_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
gicv3_redist_inv_vlpi(&s->gicv3->cpu[vte.rdbase], ite.intid,
|
|
|
|
|
vte.vptaddr << 16);
|
2022-04-08 15:15:27 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return CMD_CONTINUE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
/*
|
|
|
|
|
* Current implementation blocks until all
|
|
|
|
|
* commands are processed
|
|
|
|
|
*/
|
|
|
|
|
static void process_cmdq(GICv3ITSState *s)
|
|
|
|
|
{
|
|
|
|
|
uint32_t wr_offset = 0;
|
|
|
|
|
uint32_t rd_offset = 0;
|
|
|
|
|
uint32_t cq_offset = 0;
|
|
|
|
|
AddressSpace *as = &s->gicv3->dma_as;
|
|
|
|
|
uint8_t cmd;
|
2021-09-13 16:07:24 +01:00
|
|
|
int i;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-07 17:07:58 +00:00
|
|
|
if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
wr_offset = FIELD_EX64(s->cwriter, GITS_CWRITER, OFFSET);
|
|
|
|
|
|
2022-01-07 17:08:00 +00:00
|
|
|
if (wr_offset >= s->cq.num_entries) {
|
2021-09-13 16:07:23 +01:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid write offset "
|
|
|
|
|
"%d\n", __func__, wr_offset);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rd_offset = FIELD_EX64(s->creadr, GITS_CREADR, OFFSET);
|
|
|
|
|
|
2022-01-07 17:08:00 +00:00
|
|
|
if (rd_offset >= s->cq.num_entries) {
|
2021-09-13 16:07:23 +01:00
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid read offset "
|
|
|
|
|
"%d\n", __func__, rd_offset);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while (wr_offset != rd_offset) {
|
2022-04-08 15:15:19 +01:00
|
|
|
ItsCmdResult result = CMD_CONTINUE_OK;
|
2022-02-01 19:31:55 +00:00
|
|
|
void *hostmem;
|
|
|
|
|
hwaddr buflen;
|
|
|
|
|
uint64_t cmdpkt[GITS_CMDQ_ENTRY_WORDS];
|
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
2022-01-11 17:10:40 +00:00
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
cq_offset = (rd_offset * GITS_CMDQ_ENTRY_SIZE);
|
2022-02-01 19:31:55 +00:00
|
|
|
|
|
|
|
|
buflen = GITS_CMDQ_ENTRY_SIZE;
|
|
|
|
|
hostmem = address_space_map(as, s->cq.base_addr + cq_offset,
|
|
|
|
|
&buflen, false, MEMTXATTRS_UNSPECIFIED);
|
|
|
|
|
if (!hostmem || buflen != GITS_CMDQ_ENTRY_SIZE) {
|
|
|
|
|
if (hostmem) {
|
|
|
|
|
address_space_unmap(as, hostmem, buflen, false, 0);
|
|
|
|
|
}
|
2022-01-11 17:10:39 +00:00
|
|
|
s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, STALLED, 1);
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: could not read command at 0x%" PRIx64 "\n",
|
|
|
|
|
__func__, s->cq.base_addr + cq_offset);
|
|
|
|
|
break;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
2022-02-01 19:31:55 +00:00
|
|
|
for (i = 0; i < ARRAY_SIZE(cmdpkt); i++) {
|
|
|
|
|
cmdpkt[i] = ldq_le_p(hostmem + i * sizeof(uint64_t));
|
|
|
|
|
}
|
|
|
|
|
address_space_unmap(as, hostmem, buflen, false, 0);
|
2022-01-11 17:10:39 +00:00
|
|
|
|
2022-02-01 19:31:55 +00:00
|
|
|
cmd = cmdpkt[0] & CMD_MASK;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2022-01-22 18:24:32 +00:00
|
|
|
trace_gicv3_its_process_command(rd_offset, cmd);
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
switch (cmd) {
|
|
|
|
|
case GITS_CMD_INT:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_its_cmd(s, cmdpkt, INTERRUPT);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_CLEAR:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_its_cmd(s, cmdpkt, CLEAR);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_SYNC:
|
|
|
|
|
/*
|
|
|
|
|
* Current implementation makes a blocking synchronous call
|
|
|
|
|
* for every command issued earlier, hence the internal state
|
|
|
|
|
* is already consistent by the time SYNC command is executed.
|
|
|
|
|
* Hence no further processing is required for SYNC command.
|
|
|
|
|
*/
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_sync();
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
2022-04-08 15:15:26 +01:00
|
|
|
case GITS_CMD_VSYNC:
|
|
|
|
|
/*
|
|
|
|
|
* VSYNC also is a nop, because our implementation is always
|
|
|
|
|
* in sync.
|
|
|
|
|
*/
|
|
|
|
|
if (!its_feature_virtual(s)) {
|
|
|
|
|
result = CMD_CONTINUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
trace_gicv3_its_cmd_vsync();
|
|
|
|
|
break;
|
2021-09-13 16:07:23 +01:00
|
|
|
case GITS_CMD_MAPD:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_mapd(s, cmdpkt);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_MAPC:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_mapc(s, cmdpkt);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_MAPTI:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_mapti(s, cmdpkt, false);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_MAPI:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_mapti(s, cmdpkt, true);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_DISCARD:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_its_cmd(s, cmdpkt, DISCARD);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_INV:
|
2022-04-08 15:15:27 +01:00
|
|
|
result = process_inv(s, cmdpkt);
|
|
|
|
|
break;
|
2021-09-13 16:07:23 +01:00
|
|
|
case GITS_CMD_INVALL:
|
2021-09-13 16:07:24 +01:00
|
|
|
/*
|
|
|
|
|
* Current implementation doesn't cache any ITS tables,
|
|
|
|
|
* but the calculated lpi priority information. We only
|
|
|
|
|
* need to trigger lpi priority re-calculation to be in
|
|
|
|
|
* sync with LPI config table or pending table changes.
|
2022-04-08 15:15:27 +01:00
|
|
|
* INVALL operates on a collection specified by ICID so
|
|
|
|
|
* it only affects physical LPIs.
|
2021-09-13 16:07:24 +01:00
|
|
|
*/
|
2022-04-08 15:15:27 +01:00
|
|
|
trace_gicv3_its_cmd_invall();
|
2021-09-13 16:07:24 +01:00
|
|
|
for (i = 0; i < s->gicv3->num_cpu; i++) {
|
|
|
|
|
gicv3_redist_update_lpi(&s->gicv3->cpu[i]);
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
2022-01-22 18:24:44 +00:00
|
|
|
case GITS_CMD_MOVI:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_movi(s, cmdpkt);
|
2022-01-22 18:24:44 +00:00
|
|
|
break;
|
2022-01-22 18:24:43 +00:00
|
|
|
case GITS_CMD_MOVALL:
|
2022-02-01 19:31:55 +00:00
|
|
|
result = process_movall(s, cmdpkt);
|
2022-01-22 18:24:43 +00:00
|
|
|
break;
|
2022-04-08 15:15:17 +01:00
|
|
|
case GITS_CMD_VMAPTI:
|
|
|
|
|
result = process_vmapti(s, cmdpkt, false);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CMD_VMAPI:
|
|
|
|
|
result = process_vmapti(s, cmdpkt, true);
|
|
|
|
|
break;
|
2022-04-08 15:15:18 +01:00
|
|
|
case GITS_CMD_VMAPP:
|
|
|
|
|
result = process_vmapp(s, cmdpkt);
|
2022-04-08 15:15:25 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_VMOVP:
|
|
|
|
|
result = process_vmovp(s, cmdpkt);
|
2022-04-08 15:15:29 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_VMOVI:
|
|
|
|
|
result = process_vmovi(s, cmdpkt);
|
2022-04-08 15:15:30 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CMD_VINVALL:
|
|
|
|
|
result = process_vinvall(s, cmdpkt);
|
2022-04-08 15:15:18 +01:00
|
|
|
break;
|
2021-09-13 16:07:23 +01:00
|
|
|
default:
|
2022-03-03 20:23:37 +00:00
|
|
|
trace_gicv3_its_cmd_unknown(cmd);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
}
|
2022-04-08 15:15:19 +01:00
|
|
|
if (result != CMD_STALL) {
|
|
|
|
|
/* CMD_CONTINUE or CMD_CONTINUE_OK */
|
2021-09-13 16:07:23 +01:00
|
|
|
rd_offset++;
|
2022-01-07 17:08:00 +00:00
|
|
|
rd_offset %= s->cq.num_entries;
|
2021-09-13 16:07:23 +01:00
|
|
|
s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, OFFSET, rd_offset);
|
|
|
|
|
} else {
|
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
2022-01-11 17:10:40 +00:00
|
|
|
/* CMD_STALL */
|
2021-09-13 16:07:23 +01:00
|
|
|
s->creadr = FIELD_DP64(s->creadr, GITS_CREADR, STALLED, 1);
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
2022-01-11 17:10:40 +00:00
|
|
|
"%s: 0x%x cmd processing failed, stalling\n",
|
|
|
|
|
__func__, cmd);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
/*
|
|
|
|
|
* This function extracts the ITS Device and Collection table specific
|
|
|
|
|
* parameters (like base_addr, size etc) from GITS_BASER register.
|
|
|
|
|
* It is called during ITS enable and also during post_load migration
|
|
|
|
|
*/
|
|
|
|
|
static void extract_table_params(GICv3ITSState *s)
|
|
|
|
|
{
|
|
|
|
|
uint16_t num_pages = 0;
|
|
|
|
|
uint8_t page_sz_type;
|
|
|
|
|
uint8_t type;
|
|
|
|
|
uint32_t page_sz = 0;
|
|
|
|
|
uint64_t value;
|
|
|
|
|
|
|
|
|
|
for (int i = 0; i < 8; i++) {
|
2022-01-07 17:07:58 +00:00
|
|
|
TableDesc *td;
|
|
|
|
|
int idbits;
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
value = s->baser[i];
|
|
|
|
|
|
|
|
|
|
if (!value) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
page_sz_type = FIELD_EX64(value, GITS_BASER, PAGESIZE);
|
|
|
|
|
|
|
|
|
|
switch (page_sz_type) {
|
|
|
|
|
case 0:
|
|
|
|
|
page_sz = GITS_PAGE_SIZE_4K;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 1:
|
|
|
|
|
page_sz = GITS_PAGE_SIZE_16K;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 2:
|
|
|
|
|
case 3:
|
|
|
|
|
page_sz = GITS_PAGE_SIZE_64K;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
num_pages = FIELD_EX64(value, GITS_BASER, SIZE) + 1;
|
|
|
|
|
|
|
|
|
|
type = FIELD_EX64(value, GITS_BASER, TYPE);
|
|
|
|
|
|
|
|
|
|
switch (type) {
|
|
|
|
|
case GITS_BASER_TYPE_DEVICE:
|
2022-01-07 17:07:58 +00:00
|
|
|
td = &s->dt;
|
|
|
|
|
idbits = FIELD_EX64(s->typer, GITS_TYPER, DEVBITS) + 1;
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_BASER_TYPE_COLLECTION:
|
2022-01-07 17:07:58 +00:00
|
|
|
td = &s->ct;
|
2021-09-13 16:07:23 +01:00
|
|
|
if (FIELD_EX64(s->typer, GITS_TYPER, CIL)) {
|
2022-01-07 17:07:58 +00:00
|
|
|
idbits = FIELD_EX64(s->typer, GITS_TYPER, CIDBITS) + 1;
|
2021-09-13 16:07:23 +01:00
|
|
|
} else {
|
|
|
|
|
/* 16-bit CollectionId supported when CIL == 0 */
|
2022-01-07 17:07:58 +00:00
|
|
|
idbits = 16;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
break;
|
2022-04-08 15:15:16 +01:00
|
|
|
case GITS_BASER_TYPE_VPE:
|
|
|
|
|
td = &s->vpet;
|
|
|
|
|
/*
|
|
|
|
|
* For QEMU vPEIDs are always 16 bits. (GICv4.1 allows an
|
|
|
|
|
* implementation to implement fewer bits and report this
|
|
|
|
|
* via GICD_TYPER2.)
|
|
|
|
|
*/
|
|
|
|
|
idbits = 16;
|
|
|
|
|
break;
|
2021-09-13 16:07:23 +01:00
|
|
|
default:
|
2022-01-07 17:07:58 +00:00
|
|
|
/*
|
|
|
|
|
* GITS_BASER<n>.TYPE is read-only, so GITS_BASER_RO_MASK
|
|
|
|
|
* ensures we will only see type values corresponding to
|
|
|
|
|
* the values set up in gicv3_its_reset().
|
|
|
|
|
*/
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memset(td, 0, sizeof(*td));
|
|
|
|
|
/*
|
|
|
|
|
* If GITS_BASER<n>.Valid is 0 for any <n> then we will not process
|
|
|
|
|
* interrupts. (GITS_TYPER.HCC is 0 for this implementation, so we
|
|
|
|
|
* do not have a special case where the GITS_BASER<n>.Valid bit is 0
|
|
|
|
|
* for the register corresponding to the Collection table but we
|
|
|
|
|
* still have to process interrupts using non-memory-backed
|
|
|
|
|
* Collection table entries.)
|
2022-02-01 19:32:04 +00:00
|
|
|
* The specification makes it UNPREDICTABLE to enable the ITS without
|
|
|
|
|
* marking each BASER<n> as valid. We choose to handle these as if
|
|
|
|
|
* the table was zero-sized, so commands using the table will fail
|
|
|
|
|
* and interrupts requested via GITS_TRANSLATER writes will be ignored.
|
|
|
|
|
* This happens automatically by leaving the num_entries field at
|
|
|
|
|
* zero, which will be caught by the bounds checks we have before
|
|
|
|
|
* every table lookup anyway.
|
2022-01-07 17:07:58 +00:00
|
|
|
*/
|
2022-02-01 19:32:04 +00:00
|
|
|
if (!FIELD_EX64(value, GITS_BASER, VALID)) {
|
2022-01-07 17:07:58 +00:00
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
td->page_sz = page_sz;
|
|
|
|
|
td->indirect = FIELD_EX64(value, GITS_BASER, INDIRECT);
|
2022-01-07 17:07:58 +00:00
|
|
|
td->entry_sz = FIELD_EX64(value, GITS_BASER, ENTRYSIZE) + 1;
|
2022-01-07 17:07:58 +00:00
|
|
|
td->base_addr = baser_base_addr(value, page_sz);
|
|
|
|
|
if (!td->indirect) {
|
2022-01-07 17:08:00 +00:00
|
|
|
td->num_entries = (num_pages * page_sz) / td->entry_sz;
|
2022-01-07 17:07:58 +00:00
|
|
|
} else {
|
2022-01-07 17:08:00 +00:00
|
|
|
td->num_entries = (((num_pages * page_sz) /
|
2022-01-07 17:07:58 +00:00
|
|
|
L1TABLE_ENTRY_SIZE) *
|
|
|
|
|
(page_sz / td->entry_sz));
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
hw/intc/arm_gicv3_its: Check table bounds against correct limit
Currently when we fill in a TableDesc based on the value the guest
has written to the GITS_BASER<n> register, we calculate both:
* num_entries : the number of entries in the table, constrained
by the amount of memory the guest has given it
* num_ids : the number of IDs we support for this table,
constrained by the implementation choices and the architecture
(eg DeviceIDs are 16 bits, so num_ids is 1 << 16)
When validating ITS commands, however, we check only num_ids,
thus allowing a broken guest to specify table entries that
index off the end of it. This will only corrupt guest memory,
but the ITS is supposed to reject such commands as invalid.
Instead of calculating both num_entries and num_ids, set
num_entries to the minimum of the two limits, and check that.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220122182444.724087-13-peter.maydell@linaro.org
2022-01-22 18:24:42 +00:00
|
|
|
td->num_entries = MIN(td->num_entries, 1ULL << idbits);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void extract_cmdq_params(GICv3ITSState *s)
|
|
|
|
|
{
|
|
|
|
|
uint16_t num_pages = 0;
|
|
|
|
|
uint64_t value = s->cbaser;
|
|
|
|
|
|
|
|
|
|
num_pages = FIELD_EX64(value, GITS_CBASER, SIZE) + 1;
|
|
|
|
|
|
|
|
|
|
memset(&s->cq, 0 , sizeof(s->cq));
|
|
|
|
|
|
2022-02-01 19:32:04 +00:00
|
|
|
if (FIELD_EX64(value, GITS_CBASER, VALID)) {
|
2022-01-07 17:08:00 +00:00
|
|
|
s->cq.num_entries = (num_pages * GITS_PAGE_SIZE_4K) /
|
2021-09-13 16:07:23 +01:00
|
|
|
GITS_CMDQ_ENTRY_SIZE;
|
|
|
|
|
s->cq.base_addr = FIELD_EX64(value, GITS_CBASER, PHYADDR);
|
|
|
|
|
s->cq.base_addr <<= R_GITS_CBASER_PHYADDR_SHIFT;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-22 18:24:40 +00:00
|
|
|
static MemTxResult gicv3_its_translation_read(void *opaque, hwaddr offset,
|
|
|
|
|
uint64_t *data, unsigned size,
|
|
|
|
|
MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* GITS_TRANSLATER is write-only, and all other addresses
|
|
|
|
|
* in the interrupt translation space frame are RES0.
|
|
|
|
|
*/
|
|
|
|
|
*data = 0;
|
|
|
|
|
return MEMTX_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
static MemTxResult gicv3_its_translation_write(void *opaque, hwaddr offset,
|
|
|
|
|
uint64_t data, unsigned size,
|
|
|
|
|
MemTxAttrs attrs)
|
|
|
|
|
{
|
2021-09-13 16:07:23 +01:00
|
|
|
GICv3ITSState *s = (GICv3ITSState *)opaque;
|
|
|
|
|
bool result = true;
|
|
|
|
|
|
2022-01-22 18:24:32 +00:00
|
|
|
trace_gicv3_its_translation_write(offset, data, size, attrs.requester_id);
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
switch (offset) {
|
|
|
|
|
case GITS_TRANSLATER:
|
2022-01-07 17:07:58 +00:00
|
|
|
if (s->ctlr & R_GITS_CTLR_ENABLED_MASK) {
|
2022-02-01 19:31:55 +00:00
|
|
|
result = do_process_its_cmd(s, attrs.requester_id, data, NONE);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (result) {
|
|
|
|
|
return MEMTX_OK;
|
|
|
|
|
} else {
|
|
|
|
|
return MEMTX_ERROR;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool its_writel(GICv3ITSState *s, hwaddr offset,
|
|
|
|
|
uint64_t value, MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
bool result = true;
|
2021-09-13 16:07:23 +01:00
|
|
|
int index;
|
|
|
|
|
|
|
|
|
|
switch (offset) {
|
|
|
|
|
case GITS_CTLR:
|
2021-11-24 13:22:46 -05:00
|
|
|
if (value & R_GITS_CTLR_ENABLED_MASK) {
|
2022-01-07 17:07:58 +00:00
|
|
|
s->ctlr |= R_GITS_CTLR_ENABLED_MASK;
|
2021-09-13 16:07:23 +01:00
|
|
|
extract_table_params(s);
|
|
|
|
|
extract_cmdq_params(s);
|
2021-09-13 16:07:23 +01:00
|
|
|
process_cmdq(s);
|
2021-11-24 13:22:46 -05:00
|
|
|
} else {
|
2022-01-07 17:07:58 +00:00
|
|
|
s->ctlr &= ~R_GITS_CTLR_ENABLED_MASK;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CBASER:
|
|
|
|
|
/*
|
|
|
|
|
* IMPDEF choice:- GITS_CBASER register becomes RO if ITS is
|
|
|
|
|
* already enabled
|
|
|
|
|
*/
|
2022-01-07 17:07:58 +00:00
|
|
|
if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
s->cbaser = deposit64(s->cbaser, 0, 32, value);
|
|
|
|
|
s->creadr = 0;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CBASER + 4:
|
|
|
|
|
/*
|
|
|
|
|
* IMPDEF choice:- GITS_CBASER register becomes RO if ITS is
|
|
|
|
|
* already enabled
|
|
|
|
|
*/
|
2022-01-07 17:07:58 +00:00
|
|
|
if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
s->cbaser = deposit64(s->cbaser, 32, 32, value);
|
|
|
|
|
s->creadr = 0;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CWRITER:
|
|
|
|
|
s->cwriter = deposit64(s->cwriter, 0, 32,
|
|
|
|
|
(value & ~R_GITS_CWRITER_RETRY_MASK));
|
2021-09-13 16:07:23 +01:00
|
|
|
if (s->cwriter != s->creadr) {
|
|
|
|
|
process_cmdq(s);
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CWRITER + 4:
|
|
|
|
|
s->cwriter = deposit64(s->cwriter, 32, 32, value);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CREADR:
|
|
|
|
|
if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) {
|
|
|
|
|
s->creadr = deposit64(s->creadr, 0, 32,
|
|
|
|
|
(value & ~R_GITS_CREADR_STALLED_MASK));
|
|
|
|
|
} else {
|
|
|
|
|
/* RO register, ignore the write */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid guest write to RO register at offset "
|
2023-01-10 22:29:47 +01:00
|
|
|
HWADDR_FMT_plx "\n", __func__, offset);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CREADR + 4:
|
|
|
|
|
if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) {
|
|
|
|
|
s->creadr = deposit64(s->creadr, 32, 32, value);
|
|
|
|
|
} else {
|
|
|
|
|
/* RO register, ignore the write */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid guest write to RO register at offset "
|
2023-01-10 22:29:47 +01:00
|
|
|
HWADDR_FMT_plx "\n", __func__, offset);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_BASER ... GITS_BASER + 0x3f:
|
|
|
|
|
/*
|
|
|
|
|
* IMPDEF choice:- GITS_BASERn register becomes RO if ITS is
|
|
|
|
|
* already enabled
|
|
|
|
|
*/
|
2022-01-07 17:07:58 +00:00
|
|
|
if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
index = (offset - GITS_BASER) / 8;
|
|
|
|
|
|
2022-01-22 18:24:41 +00:00
|
|
|
if (s->baser[index] == 0) {
|
|
|
|
|
/* Unimplemented GITS_BASERn: RAZ/WI */
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
if (offset & 7) {
|
|
|
|
|
value <<= 32;
|
|
|
|
|
value &= ~GITS_BASER_RO_MASK;
|
|
|
|
|
s->baser[index] &= GITS_BASER_RO_MASK | MAKE_64BIT_MASK(0, 32);
|
|
|
|
|
s->baser[index] |= value;
|
|
|
|
|
} else {
|
|
|
|
|
value &= ~GITS_BASER_RO_MASK;
|
|
|
|
|
s->baser[index] &= GITS_BASER_RO_MASK | MAKE_64BIT_MASK(32, 32);
|
|
|
|
|
s->baser[index] |= value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_IIDR:
|
|
|
|
|
case GITS_IDREGS ... GITS_IDREGS + 0x2f:
|
|
|
|
|
/* RO registers, ignore the write */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid guest write to RO register at offset "
|
2023-01-10 22:29:47 +01:00
|
|
|
HWADDR_FMT_plx "\n", __func__, offset);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
result = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool its_readl(GICv3ITSState *s, hwaddr offset,
|
|
|
|
|
uint64_t *data, MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
bool result = true;
|
2021-09-13 16:07:23 +01:00
|
|
|
int index;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
switch (offset) {
|
|
|
|
|
case GITS_CTLR:
|
|
|
|
|
*data = s->ctlr;
|
|
|
|
|
break;
|
|
|
|
|
case GITS_IIDR:
|
|
|
|
|
*data = gicv3_iidr();
|
|
|
|
|
break;
|
|
|
|
|
case GITS_IDREGS ... GITS_IDREGS + 0x2f:
|
|
|
|
|
/* ID registers */
|
2022-04-08 15:15:46 +01:00
|
|
|
*data = gicv3_idreg(s->gicv3, offset - GITS_IDREGS, GICV3_PIDR0_ITS);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_TYPER:
|
|
|
|
|
*data = extract64(s->typer, 0, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_TYPER + 4:
|
|
|
|
|
*data = extract64(s->typer, 32, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CBASER:
|
|
|
|
|
*data = extract64(s->cbaser, 0, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CBASER + 4:
|
|
|
|
|
*data = extract64(s->cbaser, 32, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CREADR:
|
|
|
|
|
*data = extract64(s->creadr, 0, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CREADR + 4:
|
|
|
|
|
*data = extract64(s->creadr, 32, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CWRITER:
|
|
|
|
|
*data = extract64(s->cwriter, 0, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CWRITER + 4:
|
|
|
|
|
*data = extract64(s->cwriter, 32, 32);
|
|
|
|
|
break;
|
|
|
|
|
case GITS_BASER ... GITS_BASER + 0x3f:
|
|
|
|
|
index = (offset - GITS_BASER) / 8;
|
|
|
|
|
if (offset & 7) {
|
|
|
|
|
*data = extract64(s->baser[index], 32, 32);
|
|
|
|
|
} else {
|
|
|
|
|
*data = extract64(s->baser[index], 0, 32);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
result = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool its_writell(GICv3ITSState *s, hwaddr offset,
|
|
|
|
|
uint64_t value, MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
bool result = true;
|
2021-09-13 16:07:23 +01:00
|
|
|
int index;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
switch (offset) {
|
|
|
|
|
case GITS_BASER ... GITS_BASER + 0x3f:
|
|
|
|
|
/*
|
|
|
|
|
* IMPDEF choice:- GITS_BASERn register becomes RO if ITS is
|
|
|
|
|
* already enabled
|
|
|
|
|
*/
|
2022-01-07 17:07:58 +00:00
|
|
|
if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
index = (offset - GITS_BASER) / 8;
|
2022-01-22 18:24:41 +00:00
|
|
|
if (s->baser[index] == 0) {
|
|
|
|
|
/* Unimplemented GITS_BASERn: RAZ/WI */
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
s->baser[index] &= GITS_BASER_RO_MASK;
|
|
|
|
|
s->baser[index] |= (value & ~GITS_BASER_RO_MASK);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CBASER:
|
|
|
|
|
/*
|
|
|
|
|
* IMPDEF choice:- GITS_CBASER register becomes RO if ITS is
|
|
|
|
|
* already enabled
|
|
|
|
|
*/
|
2022-01-07 17:07:58 +00:00
|
|
|
if (!(s->ctlr & R_GITS_CTLR_ENABLED_MASK)) {
|
2021-09-13 16:07:23 +01:00
|
|
|
s->cbaser = value;
|
|
|
|
|
s->creadr = 0;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CWRITER:
|
|
|
|
|
s->cwriter = value & ~R_GITS_CWRITER_RETRY_MASK;
|
2021-09-13 16:07:23 +01:00
|
|
|
if (s->cwriter != s->creadr) {
|
|
|
|
|
process_cmdq(s);
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
case GITS_CREADR:
|
|
|
|
|
if (s->gicv3->gicd_ctlr & GICD_CTLR_DS) {
|
|
|
|
|
s->creadr = value & ~R_GITS_CREADR_STALLED_MASK;
|
|
|
|
|
} else {
|
|
|
|
|
/* RO register, ignore the write */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid guest write to RO register at offset "
|
2023-01-10 22:29:47 +01:00
|
|
|
HWADDR_FMT_plx "\n", __func__, offset);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case GITS_TYPER:
|
|
|
|
|
/* RO registers, ignore the write */
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
|
|
|
|
"%s: invalid guest write to RO register at offset "
|
2023-01-10 22:29:47 +01:00
|
|
|
HWADDR_FMT_plx "\n", __func__, offset);
|
2021-09-13 16:07:23 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
result = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool its_readll(GICv3ITSState *s, hwaddr offset,
|
|
|
|
|
uint64_t *data, MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
bool result = true;
|
2021-09-13 16:07:23 +01:00
|
|
|
int index;
|
2021-09-13 16:07:23 +01:00
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
switch (offset) {
|
|
|
|
|
case GITS_TYPER:
|
|
|
|
|
*data = s->typer;
|
|
|
|
|
break;
|
|
|
|
|
case GITS_BASER ... GITS_BASER + 0x3f:
|
|
|
|
|
index = (offset - GITS_BASER) / 8;
|
|
|
|
|
*data = s->baser[index];
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CBASER:
|
|
|
|
|
*data = s->cbaser;
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CREADR:
|
|
|
|
|
*data = s->creadr;
|
|
|
|
|
break;
|
|
|
|
|
case GITS_CWRITER:
|
|
|
|
|
*data = s->cwriter;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
result = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static MemTxResult gicv3_its_read(void *opaque, hwaddr offset, uint64_t *data,
|
|
|
|
|
unsigned size, MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
GICv3ITSState *s = (GICv3ITSState *)opaque;
|
|
|
|
|
bool result;
|
|
|
|
|
|
|
|
|
|
switch (size) {
|
|
|
|
|
case 4:
|
|
|
|
|
result = its_readl(s, offset, data, attrs);
|
|
|
|
|
break;
|
|
|
|
|
case 8:
|
|
|
|
|
result = its_readll(s, offset, data, attrs);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
result = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!result) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
2023-01-10 22:29:47 +01:00
|
|
|
"%s: invalid guest read at offset " HWADDR_FMT_plx
|
2022-03-03 20:23:40 +00:00
|
|
|
" size %u\n", __func__, offset, size);
|
2022-01-22 18:24:32 +00:00
|
|
|
trace_gicv3_its_badread(offset, size);
|
2021-09-13 16:07:23 +01:00
|
|
|
/*
|
|
|
|
|
* The spec requires that reserved registers are RAZ/WI;
|
|
|
|
|
* so use false returns from leaf functions as a way to
|
|
|
|
|
* trigger the guest-error logging but don't return it to
|
|
|
|
|
* the caller, or we'll cause a spurious guest data abort.
|
|
|
|
|
*/
|
|
|
|
|
*data = 0;
|
2022-01-22 18:24:32 +00:00
|
|
|
} else {
|
|
|
|
|
trace_gicv3_its_read(offset, *data, size);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
return MEMTX_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static MemTxResult gicv3_its_write(void *opaque, hwaddr offset, uint64_t data,
|
|
|
|
|
unsigned size, MemTxAttrs attrs)
|
|
|
|
|
{
|
|
|
|
|
GICv3ITSState *s = (GICv3ITSState *)opaque;
|
|
|
|
|
bool result;
|
|
|
|
|
|
|
|
|
|
switch (size) {
|
|
|
|
|
case 4:
|
|
|
|
|
result = its_writel(s, offset, data, attrs);
|
|
|
|
|
break;
|
|
|
|
|
case 8:
|
|
|
|
|
result = its_writell(s, offset, data, attrs);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
result = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!result) {
|
|
|
|
|
qemu_log_mask(LOG_GUEST_ERROR,
|
2023-01-10 22:29:47 +01:00
|
|
|
"%s: invalid guest write at offset " HWADDR_FMT_plx
|
2022-03-03 20:23:40 +00:00
|
|
|
" size %u\n", __func__, offset, size);
|
2022-01-22 18:24:32 +00:00
|
|
|
trace_gicv3_its_badwrite(offset, data, size);
|
2021-09-13 16:07:23 +01:00
|
|
|
/*
|
|
|
|
|
* The spec requires that reserved registers are RAZ/WI;
|
|
|
|
|
* so use false returns from leaf functions as a way to
|
|
|
|
|
* trigger the guest-error logging but don't return it to
|
|
|
|
|
* the caller, or we'll cause a spurious guest data abort.
|
|
|
|
|
*/
|
2022-01-22 18:24:32 +00:00
|
|
|
} else {
|
|
|
|
|
trace_gicv3_its_write(offset, data, size);
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
return MEMTX_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static const MemoryRegionOps gicv3_its_control_ops = {
|
|
|
|
|
.read_with_attrs = gicv3_its_read,
|
|
|
|
|
.write_with_attrs = gicv3_its_write,
|
|
|
|
|
.valid.min_access_size = 4,
|
|
|
|
|
.valid.max_access_size = 8,
|
|
|
|
|
.impl.min_access_size = 4,
|
|
|
|
|
.impl.max_access_size = 8,
|
|
|
|
|
.endianness = DEVICE_NATIVE_ENDIAN,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const MemoryRegionOps gicv3_its_translation_ops = {
|
2022-01-22 18:24:40 +00:00
|
|
|
.read_with_attrs = gicv3_its_translation_read,
|
2021-09-13 16:07:23 +01:00
|
|
|
.write_with_attrs = gicv3_its_translation_write,
|
|
|
|
|
.valid.min_access_size = 2,
|
|
|
|
|
.valid.max_access_size = 4,
|
|
|
|
|
.impl.min_access_size = 2,
|
|
|
|
|
.impl.max_access_size = 4,
|
|
|
|
|
.endianness = DEVICE_NATIVE_ENDIAN,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static void gicv3_arm_its_realize(DeviceState *dev, Error **errp)
|
|
|
|
|
{
|
|
|
|
|
GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev);
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < s->gicv3->num_cpu; i++) {
|
|
|
|
|
if (!(s->gicv3->cpu[i].gicr_typer & GICR_TYPER_PLPIS)) {
|
|
|
|
|
error_setg(errp, "Physical LPI not supported by CPU %d", i);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-08 15:15:24 +01:00
|
|
|
gicv3_add_its(s->gicv3, dev);
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
gicv3_its_init_mmio(s, &gicv3_its_control_ops, &gicv3_its_translation_ops);
|
|
|
|
|
|
|
|
|
|
/* set the ITS default features supported */
|
2022-01-07 17:07:59 +00:00
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, PHYSICAL, 1);
|
2021-09-13 16:07:23 +01:00
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, ITT_ENTRY_SIZE,
|
|
|
|
|
ITS_ITT_ENTRY_SIZE - 1);
|
|
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, IDBITS, ITS_IDBITS);
|
|
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, DEVBITS, ITS_DEVBITS);
|
|
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, CIL, 1);
|
|
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, CIDBITS, ITS_CIDBITS);
|
2022-04-08 15:15:46 +01:00
|
|
|
if (s->gicv3->revision >= 4) {
|
|
|
|
|
/* Our VMOVP handles cross-ITS synchronization itself */
|
|
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, VMOVP, 1);
|
|
|
|
|
s->typer = FIELD_DP64(s->typer, GITS_TYPER, VIRTUAL, 1);
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2024-04-12 17:08:07 +01:00
|
|
|
static void gicv3_its_reset_hold(Object *obj, ResetType type)
|
2021-09-13 16:07:23 +01:00
|
|
|
{
|
2022-12-14 14:27:12 +00:00
|
|
|
GICv3ITSState *s = ARM_GICV3_ITS_COMMON(obj);
|
2021-09-13 16:07:23 +01:00
|
|
|
GICv3ITSClass *c = ARM_GICV3_ITS_GET_CLASS(s);
|
|
|
|
|
|
2022-12-14 14:27:12 +00:00
|
|
|
if (c->parent_phases.hold) {
|
2024-04-12 17:08:07 +01:00
|
|
|
c->parent_phases.hold(obj, type);
|
2022-12-14 14:27:12 +00:00
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
|
|
|
|
|
/* Quiescent bit reset to 1 */
|
|
|
|
|
s->ctlr = FIELD_DP32(s->ctlr, GITS_CTLR, QUIESCENT, 1);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* setting GITS_BASER0.Type = 0b001 (Device)
|
|
|
|
|
* GITS_BASER1.Type = 0b100 (Collection Table)
|
2022-04-08 15:15:16 +01:00
|
|
|
* GITS_BASER2.Type = 0b010 (vPE) for GICv4 and later
|
2021-09-13 16:07:23 +01:00
|
|
|
* GITS_BASER<n>.Type,where n = 3 to 7 are 0b00 (Unimplemented)
|
|
|
|
|
* GITS_BASER<0,1>.Page_Size = 64KB
|
|
|
|
|
* and default translation table entry size to 16 bytes
|
|
|
|
|
*/
|
|
|
|
|
s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, TYPE,
|
|
|
|
|
GITS_BASER_TYPE_DEVICE);
|
|
|
|
|
s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, PAGESIZE,
|
|
|
|
|
GITS_BASER_PAGESIZE_64K);
|
|
|
|
|
s->baser[0] = FIELD_DP64(s->baser[0], GITS_BASER, ENTRYSIZE,
|
|
|
|
|
GITS_DTE_SIZE - 1);
|
|
|
|
|
|
|
|
|
|
s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, TYPE,
|
|
|
|
|
GITS_BASER_TYPE_COLLECTION);
|
|
|
|
|
s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, PAGESIZE,
|
|
|
|
|
GITS_BASER_PAGESIZE_64K);
|
|
|
|
|
s->baser[1] = FIELD_DP64(s->baser[1], GITS_BASER, ENTRYSIZE,
|
|
|
|
|
GITS_CTE_SIZE - 1);
|
2022-04-08 15:15:16 +01:00
|
|
|
|
|
|
|
|
if (its_feature_virtual(s)) {
|
|
|
|
|
s->baser[2] = FIELD_DP64(s->baser[2], GITS_BASER, TYPE,
|
|
|
|
|
GITS_BASER_TYPE_VPE);
|
|
|
|
|
s->baser[2] = FIELD_DP64(s->baser[2], GITS_BASER, PAGESIZE,
|
|
|
|
|
GITS_BASER_PAGESIZE_64K);
|
|
|
|
|
s->baser[2] = FIELD_DP64(s->baser[2], GITS_BASER, ENTRYSIZE,
|
|
|
|
|
GITS_VPE_SIZE - 1);
|
|
|
|
|
}
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
static void gicv3_its_post_load(GICv3ITSState *s)
|
|
|
|
|
{
|
2022-01-07 17:07:58 +00:00
|
|
|
if (s->ctlr & R_GITS_CTLR_ENABLED_MASK) {
|
2021-09-13 16:07:23 +01:00
|
|
|
extract_table_params(s);
|
|
|
|
|
extract_cmdq_params(s);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-13 16:07:23 +01:00
|
|
|
static Property gicv3_its_props[] = {
|
|
|
|
|
DEFINE_PROP_LINK("parent-gicv3", GICv3ITSState, gicv3, "arm-gicv3",
|
|
|
|
|
GICv3State *),
|
|
|
|
|
DEFINE_PROP_END_OF_LIST(),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static void gicv3_its_class_init(ObjectClass *klass, void *data)
|
|
|
|
|
{
|
|
|
|
|
DeviceClass *dc = DEVICE_CLASS(klass);
|
2022-12-14 14:27:12 +00:00
|
|
|
ResettableClass *rc = RESETTABLE_CLASS(klass);
|
2021-09-13 16:07:23 +01:00
|
|
|
GICv3ITSClass *ic = ARM_GICV3_ITS_CLASS(klass);
|
2021-09-13 16:07:23 +01:00
|
|
|
GICv3ITSCommonClass *icc = ARM_GICV3_ITS_COMMON_CLASS(klass);
|
2021-09-13 16:07:23 +01:00
|
|
|
|
|
|
|
|
dc->realize = gicv3_arm_its_realize;
|
|
|
|
|
device_class_set_props(dc, gicv3_its_props);
|
2022-12-14 14:27:12 +00:00
|
|
|
resettable_class_set_parent_phases(rc, NULL, gicv3_its_reset_hold, NULL,
|
|
|
|
|
&ic->parent_phases);
|
2021-09-13 16:07:23 +01:00
|
|
|
icc->post_load = gicv3_its_post_load;
|
2021-09-13 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static const TypeInfo gicv3_its_info = {
|
|
|
|
|
.name = TYPE_ARM_GICV3_ITS,
|
|
|
|
|
.parent = TYPE_ARM_GICV3_ITS_COMMON,
|
|
|
|
|
.instance_size = sizeof(GICv3ITSState),
|
|
|
|
|
.class_init = gicv3_its_class_init,
|
|
|
|
|
.class_size = sizeof(GICv3ITSClass),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static void gicv3_its_register_types(void)
|
|
|
|
|
{
|
|
|
|
|
type_register_static(&gicv3_its_info);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type_init(gicv3_its_register_types)
|