linux/arch/powerpc/kvm/mpic.c
<<
>>
Prefs
   1/*
   2 * OpenPIC emulation
   3 *
   4 * Copyright (c) 2004 Jocelyn Mayer
   5 *               2011 Alexander Graf
   6 *
   7 * Permission is hereby granted, free of charge, to any person obtaining a copy
   8 * of this software and associated documentation files (the "Software"), to deal
   9 * in the Software without restriction, including without limitation the rights
  10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  11 * copies of the Software, and to permit persons to whom the Software is
  12 * furnished to do so, subject to the following conditions:
  13 *
  14 * The above copyright notice and this permission notice shall be included in
  15 * all copies or substantial portions of the Software.
  16 *
  17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  23 * THE SOFTWARE.
  24 */
  25
  26#include <linux/slab.h>
  27#include <linux/mutex.h>
  28#include <linux/kvm_host.h>
  29#include <linux/errno.h>
  30#include <linux/fs.h>
  31#include <linux/anon_inodes.h>
  32#include <linux/uaccess.h>
  33#include <asm/mpic.h>
  34#include <asm/kvm_para.h>
  35#include <asm/kvm_ppc.h>
  36#include <kvm/iodev.h>
  37
  38#define MAX_CPU     32
  39#define MAX_SRC     256
  40#define MAX_TMR     4
  41#define MAX_IPI     4
  42#define MAX_MSI     8
  43#define MAX_IRQ     (MAX_SRC + MAX_IPI + MAX_TMR)
  44#define VID         0x03        /* MPIC version ID */
  45
  46/* OpenPIC capability flags */
  47#define OPENPIC_FLAG_IDR_CRIT     (1 << 0)
  48#define OPENPIC_FLAG_ILR          (2 << 0)
  49
  50/* OpenPIC address map */
  51#define OPENPIC_REG_SIZE             0x40000
  52#define OPENPIC_GLB_REG_START        0x0
  53#define OPENPIC_GLB_REG_SIZE         0x10F0
  54#define OPENPIC_TMR_REG_START        0x10F0
  55#define OPENPIC_TMR_REG_SIZE         0x220
  56#define OPENPIC_MSI_REG_START        0x1600
  57#define OPENPIC_MSI_REG_SIZE         0x200
  58#define OPENPIC_SUMMARY_REG_START    0x3800
  59#define OPENPIC_SUMMARY_REG_SIZE     0x800
  60#define OPENPIC_SRC_REG_START        0x10000
  61#define OPENPIC_SRC_REG_SIZE         (MAX_SRC * 0x20)
  62#define OPENPIC_CPU_REG_START        0x20000
  63#define OPENPIC_CPU_REG_SIZE         (0x100 + ((MAX_CPU - 1) * 0x1000))
  64
  65struct fsl_mpic_info {
  66        int max_ext;
  67};
  68
  69static struct fsl_mpic_info fsl_mpic_20 = {
  70        .max_ext = 12,
  71};
  72
  73static struct fsl_mpic_info fsl_mpic_42 = {
  74        .max_ext = 12,
  75};
  76
  77#define FRR_NIRQ_SHIFT    16
  78#define FRR_NCPU_SHIFT     8
  79#define FRR_VID_SHIFT      0
  80
  81#define VID_REVISION_1_2   2
  82#define VID_REVISION_1_3   3
  83
  84#define VIR_GENERIC      0x00000000     /* Generic Vendor ID */
  85
  86#define GCR_RESET        0x80000000
  87#define GCR_MODE_PASS    0x00000000
  88#define GCR_MODE_MIXED   0x20000000
  89#define GCR_MODE_PROXY   0x60000000
  90
  91#define TBCR_CI           0x80000000    /* count inhibit */
  92#define TCCR_TOG          0x80000000    /* toggles when decrement to zero */
  93
  94#define IDR_EP_SHIFT      31
  95#define IDR_EP_MASK       (1 << IDR_EP_SHIFT)
  96#define IDR_CI0_SHIFT     30
  97#define IDR_CI1_SHIFT     29
  98#define IDR_P1_SHIFT      1
  99#define IDR_P0_SHIFT      0
 100
 101#define ILR_INTTGT_MASK   0x000000ff
 102#define ILR_INTTGT_INT    0x00
 103#define ILR_INTTGT_CINT   0x01  /* critical */
 104#define ILR_INTTGT_MCP    0x02  /* machine check */
 105#define NUM_OUTPUTS       3
 106
 107#define MSIIR_OFFSET       0x140
 108#define MSIIR_SRS_SHIFT    29
 109#define MSIIR_SRS_MASK     (0x7 << MSIIR_SRS_SHIFT)
 110#define MSIIR_IBS_SHIFT    24
 111#define MSIIR_IBS_MASK     (0x1f << MSIIR_IBS_SHIFT)
 112
 113static int get_current_cpu(void)
 114{
 115#if defined(CONFIG_KVM) && defined(CONFIG_BOOKE)
 116        struct kvm_vcpu *vcpu = current->thread.kvm_vcpu;
 117        return vcpu ? vcpu->arch.irq_cpu_id : -1;
 118#else
 119        /* XXX */
 120        return -1;
 121#endif
 122}
 123
 124static int openpic_cpu_write_internal(void *opaque, gpa_t addr,
 125                                      u32 val, int idx);
 126static int openpic_cpu_read_internal(void *opaque, gpa_t addr,
 127                                     u32 *ptr, int idx);
 128static inline void write_IRQreg_idr(struct openpic *opp, int n_IRQ,
 129                                    uint32_t val);
 130
 131enum irq_type {
 132        IRQ_TYPE_NORMAL = 0,
 133        IRQ_TYPE_FSLINT,        /* FSL internal interrupt -- level only */
 134        IRQ_TYPE_FSLSPECIAL,    /* FSL timer/IPI interrupt, edge, no polarity */
 135};
 136
 137struct irq_queue {
 138        /* Round up to the nearest 64 IRQs so that the queue length
 139         * won't change when moving between 32 and 64 bit hosts.
 140         */
 141        unsigned long queue[BITS_TO_LONGS((MAX_IRQ + 63) & ~63)];
 142        int next;
 143        int priority;
 144};
 145
 146struct irq_source {
 147        uint32_t ivpr;          /* IRQ vector/priority register */
 148        uint32_t idr;           /* IRQ destination register */
 149        uint32_t destmask;      /* bitmap of CPU destinations */
 150        int last_cpu;
 151        int output;             /* IRQ level, e.g. ILR_INTTGT_INT */
 152        int pending;            /* TRUE if IRQ is pending */
 153        enum irq_type type;
 154        bool level:1;           /* level-triggered */
 155        bool nomask:1;  /* critical interrupts ignore mask on some FSL MPICs */
 156};
 157
 158#define IVPR_MASK_SHIFT       31
 159#define IVPR_MASK_MASK        (1 << IVPR_MASK_SHIFT)
 160#define IVPR_ACTIVITY_SHIFT   30
 161#define IVPR_ACTIVITY_MASK    (1 << IVPR_ACTIVITY_SHIFT)
 162#define IVPR_MODE_SHIFT       29
 163#define IVPR_MODE_MASK        (1 << IVPR_MODE_SHIFT)
 164#define IVPR_POLARITY_SHIFT   23
 165#define IVPR_POLARITY_MASK    (1 << IVPR_POLARITY_SHIFT)
 166#define IVPR_SENSE_SHIFT      22
 167#define IVPR_SENSE_MASK       (1 << IVPR_SENSE_SHIFT)
 168
 169#define IVPR_PRIORITY_MASK     (0xF << 16)
 170#define IVPR_PRIORITY(_ivprr_) ((int)(((_ivprr_) & IVPR_PRIORITY_MASK) >> 16))
 171#define IVPR_VECTOR(opp, _ivprr_) ((_ivprr_) & (opp)->vector_mask)
 172
 173/* IDR[EP/CI] are only for FSL MPIC prior to v4.0 */
 174#define IDR_EP      0x80000000  /* external pin */
 175#define IDR_CI      0x40000000  /* critical interrupt */
 176
 177struct irq_dest {
 178        struct kvm_vcpu *vcpu;
 179
 180        int32_t ctpr;           /* CPU current task priority */
 181        struct irq_queue raised;
 182        struct irq_queue servicing;
 183
 184        /* Count of IRQ sources asserting on non-INT outputs */
 185        uint32_t outputs_active[NUM_OUTPUTS];
 186};
 187
 188#define MAX_MMIO_REGIONS 10
 189
 190struct openpic {
 191        struct kvm *kvm;
 192        struct kvm_device *dev;
 193        struct kvm_io_device mmio;
 194        const struct mem_reg *mmio_regions[MAX_MMIO_REGIONS];
 195        int num_mmio_regions;
 196
 197        gpa_t reg_base;
 198        spinlock_t lock;
 199
 200        /* Behavior control */
 201        struct fsl_mpic_info *fsl;
 202        uint32_t model;
 203        uint32_t flags;
 204        uint32_t nb_irqs;
 205        uint32_t vid;
 206        uint32_t vir;           /* Vendor identification register */
 207        uint32_t vector_mask;
 208        uint32_t tfrr_reset;
 209        uint32_t ivpr_reset;
 210        uint32_t idr_reset;
 211        uint32_t brr1;
 212        uint32_t mpic_mode_mask;
 213
 214        /* Global registers */
 215        uint32_t frr;           /* Feature reporting register */
 216        uint32_t gcr;           /* Global configuration register  */
 217        uint32_t pir;           /* Processor initialization register */
 218        uint32_t spve;          /* Spurious vector register */
 219        uint32_t tfrr;          /* Timer frequency reporting register */
 220        /* Source registers */
 221        struct irq_source src[MAX_IRQ];
 222        /* Local registers per output pin */
 223        struct irq_dest dst[MAX_CPU];
 224        uint32_t nb_cpus;
 225        /* Timer registers */
 226        struct {
 227                uint32_t tccr;  /* Global timer current count register */
 228                uint32_t tbcr;  /* Global timer base count register */
 229        } timers[MAX_TMR];
 230        /* Shared MSI registers */
 231        struct {
 232                uint32_t msir;  /* Shared Message Signaled Interrupt Register */
 233        } msi[MAX_MSI];
 234        uint32_t max_irq;
 235        uint32_t irq_ipi0;
 236        uint32_t irq_tim0;
 237        uint32_t irq_msi;
 238};
 239
 240
 241static void mpic_irq_raise(struct openpic *opp, struct irq_dest *dst,
 242                           int output)
 243{
 244        struct kvm_interrupt irq = {
 245                .irq = KVM_INTERRUPT_SET_LEVEL,
 246        };
 247
 248        if (!dst->vcpu) {
 249                pr_debug("%s: destination cpu %d does not exist\n",
 250                         __func__, (int)(dst - &opp->dst[0]));
 251                return;
 252        }
 253
 254        pr_debug("%s: cpu %d output %d\n", __func__, dst->vcpu->arch.irq_cpu_id,
 255                output);
 256
 257        if (output != ILR_INTTGT_INT)   /* TODO */
 258                return;
 259
 260        kvm_vcpu_ioctl_interrupt(dst->vcpu, &irq);
 261}
 262
 263static void mpic_irq_lower(struct openpic *opp, struct irq_dest *dst,
 264                           int output)
 265{
 266        if (!dst->vcpu) {
 267                pr_debug("%s: destination cpu %d does not exist\n",
 268                         __func__, (int)(dst - &opp->dst[0]));
 269                return;
 270        }
 271
 272        pr_debug("%s: cpu %d output %d\n", __func__, dst->vcpu->arch.irq_cpu_id,
 273                output);
 274
 275        if (output != ILR_INTTGT_INT)   /* TODO */
 276                return;
 277
 278        kvmppc_core_dequeue_external(dst->vcpu);
 279}
 280
 281static inline void IRQ_setbit(struct irq_queue *q, int n_IRQ)
 282{
 283        set_bit(n_IRQ, q->queue);
 284}
 285
 286static inline void IRQ_resetbit(struct irq_queue *q, int n_IRQ)
 287{
 288        clear_bit(n_IRQ, q->queue);
 289}
 290
 291static void IRQ_check(struct openpic *opp, struct irq_queue *q)
 292{
 293        int irq = -1;
 294        int next = -1;
 295        int priority = -1;
 296
 297        for (;;) {
 298                irq = find_next_bit(q->queue, opp->max_irq, irq + 1);
 299                if (irq == opp->max_irq)
 300                        break;
 301
 302                pr_debug("IRQ_check: irq %d set ivpr_pr=%d pr=%d\n",
 303                        irq, IVPR_PRIORITY(opp->src[irq].ivpr), priority);
 304
 305                if (IVPR_PRIORITY(opp->src[irq].ivpr) > priority) {
 306                        next = irq;
 307                        priority = IVPR_PRIORITY(opp->src[irq].ivpr);
 308                }
 309        }
 310
 311        q->next = next;
 312        q->priority = priority;
 313}
 314
 315static int IRQ_get_next(struct openpic *opp, struct irq_queue *q)
 316{
 317        /* XXX: optimize */
 318        IRQ_check(opp, q);
 319
 320        return q->next;
 321}
 322
 323static void IRQ_local_pipe(struct openpic *opp, int n_CPU, int n_IRQ,
 324                           bool active, bool was_active)
 325{
 326        struct irq_dest *dst;
 327        struct irq_source *src;
 328        int priority;
 329
 330        dst = &opp->dst[n_CPU];
 331        src = &opp->src[n_IRQ];
 332
 333        pr_debug("%s: IRQ %d active %d was %d\n",
 334                __func__, n_IRQ, active, was_active);
 335
 336        if (src->output != ILR_INTTGT_INT) {
 337                pr_debug("%s: output %d irq %d active %d was %d count %d\n",
 338                        __func__, src->output, n_IRQ, active, was_active,
 339                        dst->outputs_active[src->output]);
 340
 341                /* On Freescale MPIC, critical interrupts ignore priority,
 342                 * IACK, EOI, etc.  Before MPIC v4.1 they also ignore
 343                 * masking.
 344                 */
 345                if (active) {
 346                        if (!was_active &&
 347                            dst->outputs_active[src->output]++ == 0) {
 348                                pr_debug("%s: Raise OpenPIC output %d cpu %d irq %d\n",
 349                                        __func__, src->output, n_CPU, n_IRQ);
 350                                mpic_irq_raise(opp, dst, src->output);
 351                        }
 352                } else {
 353                        if (was_active &&
 354                            --dst->outputs_active[src->output] == 0) {
 355                                pr_debug("%s: Lower OpenPIC output %d cpu %d irq %d\n",
 356                                        __func__, src->output, n_CPU, n_IRQ);
 357                                mpic_irq_lower(opp, dst, src->output);
 358                        }
 359                }
 360
 361                return;
 362        }
 363
 364        priority = IVPR_PRIORITY(src->ivpr);
 365
 366        /* Even if the interrupt doesn't have enough priority,
 367         * it is still raised, in case ctpr is lowered later.
 368         */
 369        if (active)
 370                IRQ_setbit(&dst->raised, n_IRQ);
 371        else
 372                IRQ_resetbit(&dst->raised, n_IRQ);
 373
 374        IRQ_check(opp, &dst->raised);
 375
 376        if (active && priority <= dst->ctpr) {
 377                pr_debug("%s: IRQ %d priority %d too low for ctpr %d on CPU %d\n",
 378                        __func__, n_IRQ, priority, dst->ctpr, n_CPU);
 379                active = 0;
 380        }
 381
 382        if (active) {
 383                if (IRQ_get_next(opp, &dst->servicing) >= 0 &&
 384                    priority <= dst->servicing.priority) {
 385                        pr_debug("%s: IRQ %d is hidden by servicing IRQ %d on CPU %d\n",
 386                                __func__, n_IRQ, dst->servicing.next, n_CPU);
 387                } else {
 388                        pr_debug("%s: Raise OpenPIC INT output cpu %d irq %d/%d\n",
 389                                __func__, n_CPU, n_IRQ, dst->raised.next);
 390                        mpic_irq_raise(opp, dst, ILR_INTTGT_INT);
 391                }
 392        } else {
 393                IRQ_get_next(opp, &dst->servicing);
 394                if (dst->raised.priority > dst->ctpr &&
 395                    dst->raised.priority > dst->servicing.priority) {
 396                        pr_debug("%s: IRQ %d inactive, IRQ %d prio %d above %d/%d, CPU %d\n",
 397                                __func__, n_IRQ, dst->raised.next,
 398                                dst->raised.priority, dst->ctpr,
 399                                dst->servicing.priority, n_CPU);
 400                        /* IRQ line stays asserted */
 401                } else {
 402                        pr_debug("%s: IRQ %d inactive, current prio %d/%d, CPU %d\n",
 403                                __func__, n_IRQ, dst->ctpr,
 404                                dst->servicing.priority, n_CPU);
 405                        mpic_irq_lower(opp, dst, ILR_INTTGT_INT);
 406                }
 407        }
 408}
 409
 410/* update pic state because registers for n_IRQ have changed value */
 411static void openpic_update_irq(struct openpic *opp, int n_IRQ)
 412{
 413        struct irq_source *src;
 414        bool active, was_active;
 415        int i;
 416
 417        src = &opp->src[n_IRQ];
 418        active = src->pending;
 419
 420        if ((src->ivpr & IVPR_MASK_MASK) && !src->nomask) {
 421                /* Interrupt source is disabled */
 422                pr_debug("%s: IRQ %d is disabled\n", __func__, n_IRQ);
 423                active = false;
 424        }
 425
 426        was_active = !!(src->ivpr & IVPR_ACTIVITY_MASK);
 427
 428        /*
 429         * We don't have a similar check for already-active because
 430         * ctpr may have changed and we need to withdraw the interrupt.
 431         */
 432        if (!active && !was_active) {
 433                pr_debug("%s: IRQ %d is already inactive\n", __func__, n_IRQ);
 434                return;
 435        }
 436
 437        if (active)
 438                src->ivpr |= IVPR_ACTIVITY_MASK;
 439        else
 440                src->ivpr &= ~IVPR_ACTIVITY_MASK;
 441
 442        if (src->destmask == 0) {
 443                /* No target */
 444                pr_debug("%s: IRQ %d has no target\n", __func__, n_IRQ);
 445                return;
 446        }
 447
 448        if (src->destmask == (1 << src->last_cpu)) {
 449                /* Only one CPU is allowed to receive this IRQ */
 450                IRQ_local_pipe(opp, src->last_cpu, n_IRQ, active, was_active);
 451        } else if (!(src->ivpr & IVPR_MODE_MASK)) {
 452                /* Directed delivery mode */
 453                for (i = 0; i < opp->nb_cpus; i++) {
 454                        if (src->destmask & (1 << i)) {
 455                                IRQ_local_pipe(opp, i, n_IRQ, active,
 456                                               was_active);
 457                        }
 458                }
 459        } else {
 460                /* Distributed delivery mode */
 461                for (i = src->last_cpu + 1; i != src->last_cpu; i++) {
 462                        if (i == opp->nb_cpus)
 463                                i = 0;
 464
 465                        if (src->destmask & (1 << i)) {
 466                                IRQ_local_pipe(opp, i, n_IRQ, active,
 467                                               was_active);
 468                                src->last_cpu = i;
 469                                break;
 470                        }
 471                }
 472        }
 473}
 474
 475static void openpic_set_irq(void *opaque, int n_IRQ, int level)
 476{
 477        struct openpic *opp = opaque;
 478        struct irq_source *src;
 479
 480        if (n_IRQ >= MAX_IRQ) {
 481                WARN_ONCE(1, "%s: IRQ %d out of range\n", __func__, n_IRQ);
 482                return;
 483        }
 484
 485        src = &opp->src[n_IRQ];
 486        pr_debug("openpic: set irq %d = %d ivpr=0x%08x\n",
 487                n_IRQ, level, src->ivpr);
 488        if (src->level) {
 489                /* level-sensitive irq */
 490                src->pending = level;
 491                openpic_update_irq(opp, n_IRQ);
 492        } else {
 493                /* edge-sensitive irq */
 494                if (level) {
 495                        src->pending = 1;
 496                        openpic_update_irq(opp, n_IRQ);
 497                }
 498
 499                if (src->output != ILR_INTTGT_INT) {
 500                        /* Edge-triggered interrupts shouldn't be used
 501                         * with non-INT delivery, but just in case,
 502                         * try to make it do something sane rather than
 503                         * cause an interrupt storm.  This is close to
 504                         * what you'd probably see happen in real hardware.
 505                         */
 506                        src->pending = 0;
 507                        openpic_update_irq(opp, n_IRQ);
 508                }
 509        }
 510}
 511
 512static void openpic_reset(struct openpic *opp)
 513{
 514        int i;
 515
 516        opp->gcr = GCR_RESET;
 517        /* Initialise controller registers */
 518        opp->frr = ((opp->nb_irqs - 1) << FRR_NIRQ_SHIFT) |
 519            (opp->vid << FRR_VID_SHIFT);
 520
 521        opp->pir = 0;
 522        opp->spve = -1 & opp->vector_mask;
 523        opp->tfrr = opp->tfrr_reset;
 524        /* Initialise IRQ sources */
 525        for (i = 0; i < opp->max_irq; i++) {
 526                opp->src[i].ivpr = opp->ivpr_reset;
 527
 528                switch (opp->src[i].type) {
 529                case IRQ_TYPE_NORMAL:
 530                        opp->src[i].level =
 531                            !!(opp->ivpr_reset & IVPR_SENSE_MASK);
 532                        break;
 533
 534                case IRQ_TYPE_FSLINT:
 535                        opp->src[i].ivpr |= IVPR_POLARITY_MASK;
 536                        break;
 537
 538                case IRQ_TYPE_FSLSPECIAL:
 539                        break;
 540                }
 541
 542                write_IRQreg_idr(opp, i, opp->idr_reset);
 543        }
 544        /* Initialise IRQ destinations */
 545        for (i = 0; i < MAX_CPU; i++) {
 546                opp->dst[i].ctpr = 15;
 547                memset(&opp->dst[i].raised, 0, sizeof(struct irq_queue));
 548                opp->dst[i].raised.next = -1;
 549                memset(&opp->dst[i].servicing, 0, sizeof(struct irq_queue));
 550                opp->dst[i].servicing.next = -1;
 551        }
 552        /* Initialise timers */
 553        for (i = 0; i < MAX_TMR; i++) {
 554                opp->timers[i].tccr = 0;
 555                opp->timers[i].tbcr = TBCR_CI;
 556        }
 557        /* Go out of RESET state */
 558        opp->gcr = 0;
 559}
 560
 561static inline uint32_t read_IRQreg_idr(struct openpic *opp, int n_IRQ)
 562{
 563        return opp->src[n_IRQ].idr;
 564}
 565
 566static inline uint32_t read_IRQreg_ilr(struct openpic *opp, int n_IRQ)
 567{
 568        if (opp->flags & OPENPIC_FLAG_ILR)
 569                return opp->src[n_IRQ].output;
 570
 571        return 0xffffffff;
 572}
 573
 574static inline uint32_t read_IRQreg_ivpr(struct openpic *opp, int n_IRQ)
 575{
 576        return opp->src[n_IRQ].ivpr;
 577}
 578
 579static inline void write_IRQreg_idr(struct openpic *opp, int n_IRQ,
 580                                    uint32_t val)
 581{
 582        struct irq_source *src = &opp->src[n_IRQ];
 583        uint32_t normal_mask = (1UL << opp->nb_cpus) - 1;
 584        uint32_t crit_mask = 0;
 585        uint32_t mask = normal_mask;
 586        int crit_shift = IDR_EP_SHIFT - opp->nb_cpus;
 587        int i;
 588
 589        if (opp->flags & OPENPIC_FLAG_IDR_CRIT) {
 590                crit_mask = mask << crit_shift;
 591                mask |= crit_mask | IDR_EP;
 592        }
 593
 594        src->idr = val & mask;
 595        pr_debug("Set IDR %d to 0x%08x\n", n_IRQ, src->idr);
 596
 597        if (opp->flags & OPENPIC_FLAG_IDR_CRIT) {
 598                if (src->idr & crit_mask) {
 599                        if (src->idr & normal_mask) {
 600                                pr_debug("%s: IRQ configured for multiple output types, using critical\n",
 601                                        __func__);
 602                        }
 603
 604                        src->output = ILR_INTTGT_CINT;
 605                        src->nomask = true;
 606                        src->destmask = 0;
 607
 608                        for (i = 0; i < opp->nb_cpus; i++) {
 609                                int n_ci = IDR_CI0_SHIFT - i;
 610
 611                                if (src->idr & (1UL << n_ci))
 612                                        src->destmask |= 1UL << i;
 613                        }
 614                } else {
 615                        src->output = ILR_INTTGT_INT;
 616                        src->nomask = false;
 617                        src->destmask = src->idr & normal_mask;
 618                }
 619        } else {
 620                src->destmask = src->idr;
 621        }
 622}
 623
 624static inline void write_IRQreg_ilr(struct openpic *opp, int n_IRQ,
 625                                    uint32_t val)
 626{
 627        if (opp->flags & OPENPIC_FLAG_ILR) {
 628                struct irq_source *src = &opp->src[n_IRQ];
 629
 630                src->output = val & ILR_INTTGT_MASK;
 631                pr_debug("Set ILR %d to 0x%08x, output %d\n", n_IRQ, src->idr,
 632                        src->output);
 633
 634                /* TODO: on MPIC v4.0 only, set nomask for non-INT */
 635        }
 636}
 637
 638static inline void write_IRQreg_ivpr(struct openpic *opp, int n_IRQ,
 639                                     uint32_t val)
 640{
 641        uint32_t mask;
 642
 643        /* NOTE when implementing newer FSL MPIC models: starting with v4.0,
 644         * the polarity bit is read-only on internal interrupts.
 645         */
 646        mask = IVPR_MASK_MASK | IVPR_PRIORITY_MASK | IVPR_SENSE_MASK |
 647            IVPR_POLARITY_MASK | opp->vector_mask;
 648
 649        /* ACTIVITY bit is read-only */
 650        opp->src[n_IRQ].ivpr =
 651            (opp->src[n_IRQ].ivpr & IVPR_ACTIVITY_MASK) | (val & mask);
 652
 653        /* For FSL internal interrupts, The sense bit is reserved and zero,
 654         * and the interrupt is always level-triggered.  Timers and IPIs
 655         * have no sense or polarity bits, and are edge-triggered.
 656         */
 657        switch (opp->src[n_IRQ].type) {
 658        case IRQ_TYPE_NORMAL:
 659                opp->src[n_IRQ].level =
 660                    !!(opp->src[n_IRQ].ivpr & IVPR_SENSE_MASK);
 661                break;
 662
 663        case IRQ_TYPE_FSLINT:
 664                opp->src[n_IRQ].ivpr &= ~IVPR_SENSE_MASK;
 665                break;
 666
 667        case IRQ_TYPE_FSLSPECIAL:
 668                opp->src[n_IRQ].ivpr &= ~(IVPR_POLARITY_MASK | IVPR_SENSE_MASK);
 669                break;
 670        }
 671
 672        openpic_update_irq(opp, n_IRQ);
 673        pr_debug("Set IVPR %d to 0x%08x -> 0x%08x\n", n_IRQ, val,
 674                opp->src[n_IRQ].ivpr);
 675}
 676
 677static void openpic_gcr_write(struct openpic *opp, uint64_t val)
 678{
 679        if (val & GCR_RESET) {
 680                openpic_reset(opp);
 681                return;
 682        }
 683
 684        opp->gcr &= ~opp->mpic_mode_mask;
 685        opp->gcr |= val & opp->mpic_mode_mask;
 686}
 687
 688static int openpic_gbl_write(void *opaque, gpa_t addr, u32 val)
 689{
 690        struct openpic *opp = opaque;
 691        int err = 0;
 692
 693        pr_debug("%s: addr %#llx <= %08x\n", __func__, addr, val);
 694        if (addr & 0xF)
 695                return 0;
 696
 697        switch (addr) {
 698        case 0x00:      /* Block Revision Register1 (BRR1) is Readonly */
 699                break;
 700        case 0x40:
 701        case 0x50:
 702        case 0x60:
 703        case 0x70:
 704        case 0x80:
 705        case 0x90:
 706        case 0xA0:
 707        case 0xB0:
 708                err = openpic_cpu_write_internal(opp, addr, val,
 709                                                 get_current_cpu());
 710                break;
 711        case 0x1000:            /* FRR */
 712                break;
 713        case 0x1020:            /* GCR */
 714                openpic_gcr_write(opp, val);
 715                break;
 716        case 0x1080:            /* VIR */
 717                break;
 718        case 0x1090:            /* PIR */
 719                /*
 720                 * This register is used to reset a CPU core --
 721                 * let userspace handle it.
 722                 */
 723                err = -ENXIO;
 724                break;
 725        case 0x10A0:            /* IPI_IVPR */
 726        case 0x10B0:
 727        case 0x10C0:
 728        case 0x10D0: {
 729                int idx;
 730                idx = (addr - 0x10A0) >> 4;
 731                write_IRQreg_ivpr(opp, opp->irq_ipi0 + idx, val);
 732                break;
 733        }
 734        case 0x10E0:            /* SPVE */
 735                opp->spve = val & opp->vector_mask;
 736                break;
 737        default:
 738                break;
 739        }
 740
 741        return err;
 742}
 743
 744static int openpic_gbl_read(void *opaque, gpa_t addr, u32 *ptr)
 745{
 746        struct openpic *opp = opaque;
 747        u32 retval;
 748        int err = 0;
 749
 750        pr_debug("%s: addr %#llx\n", __func__, addr);
 751        retval = 0xFFFFFFFF;
 752        if (addr & 0xF)
 753                goto out;
 754
 755        switch (addr) {
 756        case 0x1000:            /* FRR */
 757                retval = opp->frr;
 758                retval |= (opp->nb_cpus - 1) << FRR_NCPU_SHIFT;
 759                break;
 760        case 0x1020:            /* GCR */
 761                retval = opp->gcr;
 762                break;
 763        case 0x1080:            /* VIR */
 764                retval = opp->vir;
 765                break;
 766        case 0x1090:            /* PIR */
 767                retval = 0x00000000;
 768                break;
 769        case 0x00:              /* Block Revision Register1 (BRR1) */
 770                retval = opp->brr1;
 771                break;
 772        case 0x40:
 773        case 0x50:
 774        case 0x60:
 775        case 0x70:
 776        case 0x80:
 777        case 0x90:
 778        case 0xA0:
 779        case 0xB0:
 780                err = openpic_cpu_read_internal(opp, addr,
 781                        &retval, get_current_cpu());
 782                break;
 783        case 0x10A0:            /* IPI_IVPR */
 784        case 0x10B0:
 785        case 0x10C0:
 786        case 0x10D0:
 787                {
 788                        int idx;
 789                        idx = (addr - 0x10A0) >> 4;
 790                        retval = read_IRQreg_ivpr(opp, opp->irq_ipi0 + idx);
 791                }
 792                break;
 793        case 0x10E0:            /* SPVE */
 794                retval = opp->spve;
 795                break;
 796        default:
 797                break;
 798        }
 799
 800out:
 801        pr_debug("%s: => 0x%08x\n", __func__, retval);
 802        *ptr = retval;
 803        return err;
 804}
 805
 806static int openpic_tmr_write(void *opaque, gpa_t addr, u32 val)
 807{
 808        struct openpic *opp = opaque;
 809        int idx;
 810
 811        addr += 0x10f0;
 812
 813        pr_debug("%s: addr %#llx <= %08x\n", __func__, addr, val);
 814        if (addr & 0xF)
 815                return 0;
 816
 817        if (addr == 0x10f0) {
 818                /* TFRR */
 819                opp->tfrr = val;
 820                return 0;
 821        }
 822
 823        idx = (addr >> 6) & 0x3;
 824        addr = addr & 0x30;
 825
 826        switch (addr & 0x30) {
 827        case 0x00:              /* TCCR */
 828                break;
 829        case 0x10:              /* TBCR */
 830                if ((opp->timers[idx].tccr & TCCR_TOG) != 0 &&
 831                    (val & TBCR_CI) == 0 &&
 832                    (opp->timers[idx].tbcr & TBCR_CI) != 0)
 833                        opp->timers[idx].tccr &= ~TCCR_TOG;
 834
 835                opp->timers[idx].tbcr = val;
 836                break;
 837        case 0x20:              /* TVPR */
 838                write_IRQreg_ivpr(opp, opp->irq_tim0 + idx, val);
 839                break;
 840        case 0x30:              /* TDR */
 841                write_IRQreg_idr(opp, opp->irq_tim0 + idx, val);
 842                break;
 843        }
 844
 845        return 0;
 846}
 847
 848static int openpic_tmr_read(void *opaque, gpa_t addr, u32 *ptr)
 849{
 850        struct openpic *opp = opaque;
 851        uint32_t retval = -1;
 852        int idx;
 853
 854        pr_debug("%s: addr %#llx\n", __func__, addr);
 855        if (addr & 0xF)
 856                goto out;
 857
 858        idx = (addr >> 6) & 0x3;
 859        if (addr == 0x0) {
 860                /* TFRR */
 861                retval = opp->tfrr;
 862                goto out;
 863        }
 864
 865        switch (addr & 0x30) {
 866        case 0x00:              /* TCCR */
 867                retval = opp->timers[idx].tccr;
 868                break;
 869        case 0x10:              /* TBCR */
 870                retval = opp->timers[idx].tbcr;
 871                break;
 872        case 0x20:              /* TIPV */
 873                retval = read_IRQreg_ivpr(opp, opp->irq_tim0 + idx);
 874                break;
 875        case 0x30:              /* TIDE (TIDR) */
 876                retval = read_IRQreg_idr(opp, opp->irq_tim0 + idx);
 877                break;
 878        }
 879
 880out:
 881        pr_debug("%s: => 0x%08x\n", __func__, retval);
 882        *ptr = retval;
 883        return 0;
 884}
 885
 886static int openpic_src_write(void *opaque, gpa_t addr, u32 val)
 887{
 888        struct openpic *opp = opaque;
 889        int idx;
 890
 891        pr_debug("%s: addr %#llx <= %08x\n", __func__, addr, val);
 892
 893        addr = addr & 0xffff;
 894        idx = addr >> 5;
 895
 896        switch (addr & 0x1f) {
 897        case 0x00:
 898                write_IRQreg_ivpr(opp, idx, val);
 899                break;
 900        case 0x10:
 901                write_IRQreg_idr(opp, idx, val);
 902                break;
 903        case 0x18:
 904                write_IRQreg_ilr(opp, idx, val);
 905                break;
 906        }
 907
 908        return 0;
 909}
 910
 911static int openpic_src_read(void *opaque, gpa_t addr, u32 *ptr)
 912{
 913        struct openpic *opp = opaque;
 914        uint32_t retval;
 915        int idx;
 916
 917        pr_debug("%s: addr %#llx\n", __func__, addr);
 918        retval = 0xFFFFFFFF;
 919
 920        addr = addr & 0xffff;
 921        idx = addr >> 5;
 922
 923        switch (addr & 0x1f) {
 924        case 0x00:
 925                retval = read_IRQreg_ivpr(opp, idx);
 926                break;
 927        case 0x10:
 928                retval = read_IRQreg_idr(opp, idx);
 929                break;
 930        case 0x18:
 931                retval = read_IRQreg_ilr(opp, idx);
 932                break;
 933        }
 934
 935        pr_debug("%s: => 0x%08x\n", __func__, retval);
 936        *ptr = retval;
 937        return 0;
 938}
 939
 940static int openpic_msi_write(void *opaque, gpa_t addr, u32 val)
 941{
 942        struct openpic *opp = opaque;
 943        int idx = opp->irq_msi;
 944        int srs, ibs;
 945
 946        pr_debug("%s: addr %#llx <= 0x%08x\n", __func__, addr, val);
 947        if (addr & 0xF)
 948                return 0;
 949
 950        switch (addr) {
 951        case MSIIR_OFFSET:
 952                srs = val >> MSIIR_SRS_SHIFT;
 953                idx += srs;
 954                ibs = (val & MSIIR_IBS_MASK) >> MSIIR_IBS_SHIFT;
 955                opp->msi[srs].msir |= 1 << ibs;
 956                openpic_set_irq(opp, idx, 1);
 957                break;
 958        default:
 959                /* most registers are read-only, thus ignored */
 960                break;
 961        }
 962
 963        return 0;
 964}
 965
 966static int openpic_msi_read(void *opaque, gpa_t addr, u32 *ptr)
 967{
 968        struct openpic *opp = opaque;
 969        uint32_t r = 0;
 970        int i, srs;
 971
 972        pr_debug("%s: addr %#llx\n", __func__, addr);
 973        if (addr & 0xF)
 974                return -ENXIO;
 975
 976        srs = addr >> 4;
 977
 978        switch (addr) {
 979        case 0x00:
 980        case 0x10:
 981        case 0x20:
 982        case 0x30:
 983        case 0x40:
 984        case 0x50:
 985        case 0x60:
 986        case 0x70:              /* MSIRs */
 987                r = opp->msi[srs].msir;
 988                /* Clear on read */
 989                opp->msi[srs].msir = 0;
 990                openpic_set_irq(opp, opp->irq_msi + srs, 0);
 991                break;
 992        case 0x120:             /* MSISR */
 993                for (i = 0; i < MAX_MSI; i++)
 994                        r |= (opp->msi[i].msir ? 1 : 0) << i;
 995                break;
 996        }
 997
 998        pr_debug("%s: => 0x%08x\n", __func__, r);
 999        *ptr = r;
1000        return 0;
1001}
1002
1003static int openpic_summary_read(void *opaque, gpa_t addr, u32 *ptr)
1004{
1005        uint32_t r = 0;
1006
1007        pr_debug("%s: addr %#llx\n", __func__, addr);
1008
1009        /* TODO: EISR/EIMR */
1010
1011        *ptr = r;
1012        return 0;
1013}
1014
1015static int openpic_summary_write(void *opaque, gpa_t addr, u32 val)
1016{
1017        pr_debug("%s: addr %#llx <= 0x%08x\n", __func__, addr, val);
1018
1019        /* TODO: EISR/EIMR */
1020        return 0;
1021}
1022
1023static int openpic_cpu_write_internal(void *opaque, gpa_t addr,
1024                                      u32 val, int idx)
1025{
1026        struct openpic *opp = opaque;
1027        struct irq_source *src;
1028        struct irq_dest *dst;
1029        int s_IRQ, n_IRQ;
1030
1031        pr_debug("%s: cpu %d addr %#llx <= 0x%08x\n", __func__, idx,
1032                addr, val);
1033
1034        if (idx < 0)
1035                return 0;
1036
1037        if (addr & 0xF)
1038                return 0;
1039
1040        dst = &opp->dst[idx];
1041        addr &= 0xFF0;
1042        switch (addr) {
1043        case 0x40:              /* IPIDR */
1044        case 0x50:
1045        case 0x60:
1046        case 0x70:
1047                idx = (addr - 0x40) >> 4;
1048                /* we use IDE as mask which CPUs to deliver the IPI to still. */
1049                opp->src[opp->irq_ipi0 + idx].destmask |= val;
1050                openpic_set_irq(opp, opp->irq_ipi0 + idx, 1);
1051                openpic_set_irq(opp, opp->irq_ipi0 + idx, 0);
1052                break;
1053        case 0x80:              /* CTPR */
1054                dst->ctpr = val & 0x0000000F;
1055
1056                pr_debug("%s: set CPU %d ctpr to %d, raised %d servicing %d\n",
1057                        __func__, idx, dst->ctpr, dst->raised.priority,
1058                        dst->servicing.priority);
1059
1060                if (dst->raised.priority <= dst->ctpr) {
1061                        pr_debug("%s: Lower OpenPIC INT output cpu %d due to ctpr\n",
1062                                __func__, idx);
1063                        mpic_irq_lower(opp, dst, ILR_INTTGT_INT);
1064                } else if (dst->raised.priority > dst->servicing.priority) {
1065                        pr_debug("%s: Raise OpenPIC INT output cpu %d irq %d\n",
1066                                __func__, idx, dst->raised.next);
1067                        mpic_irq_raise(opp, dst, ILR_INTTGT_INT);
1068                }
1069
1070                break;
1071        case 0x90:              /* WHOAMI */
1072                /* Read-only register */
1073                break;
1074        case 0xA0:              /* IACK */
1075                /* Read-only register */
1076                break;
1077        case 0xB0: {            /* EOI */
1078                int notify_eoi;
1079
1080                pr_debug("EOI\n");
1081                s_IRQ = IRQ_get_next(opp, &dst->servicing);
1082
1083                if (s_IRQ < 0) {
1084                        pr_debug("%s: EOI with no interrupt in service\n",
1085                                __func__);
1086                        break;
1087                }
1088
1089                IRQ_resetbit(&dst->servicing, s_IRQ);
1090                /* Notify listeners that the IRQ is over */
1091                notify_eoi = s_IRQ;
1092                /* Set up next servicing IRQ */
1093                s_IRQ = IRQ_get_next(opp, &dst->servicing);
1094                /* Check queued interrupts. */
1095                n_IRQ = IRQ_get_next(opp, &dst->raised);
1096                src = &opp->src[n_IRQ];
1097                if (n_IRQ != -1 &&
1098                    (s_IRQ == -1 ||
1099                     IVPR_PRIORITY(src->ivpr) > dst->servicing.priority)) {
1100                        pr_debug("Raise OpenPIC INT output cpu %d irq %d\n",
1101                                idx, n_IRQ);
1102                        mpic_irq_raise(opp, dst, ILR_INTTGT_INT);
1103                }
1104
1105                spin_unlock(&opp->lock);
1106                kvm_notify_acked_irq(opp->kvm, 0, notify_eoi);
1107                spin_lock(&opp->lock);
1108
1109                break;
1110        }
1111        default:
1112                break;
1113        }
1114
1115        return 0;
1116}
1117
1118static int openpic_cpu_write(void *opaque, gpa_t addr, u32 val)
1119{
1120        struct openpic *opp = opaque;
1121
1122        return openpic_cpu_write_internal(opp, addr, val,
1123                                         (addr & 0x1f000) >> 12);
1124}
1125
1126static uint32_t openpic_iack(struct openpic *opp, struct irq_dest *dst,
1127                             int cpu)
1128{
1129        struct irq_source *src;
1130        int retval, irq;
1131
1132        pr_debug("Lower OpenPIC INT output\n");
1133        mpic_irq_lower(opp, dst, ILR_INTTGT_INT);
1134
1135        irq = IRQ_get_next(opp, &dst->raised);
1136        pr_debug("IACK: irq=%d\n", irq);
1137
1138        if (irq == -1)
1139                /* No more interrupt pending */
1140                return opp->spve;
1141
1142        src = &opp->src[irq];
1143        if (!(src->ivpr & IVPR_ACTIVITY_MASK) ||
1144            !(IVPR_PRIORITY(src->ivpr) > dst->ctpr)) {
1145                pr_err("%s: bad raised IRQ %d ctpr %d ivpr 0x%08x\n",
1146                        __func__, irq, dst->ctpr, src->ivpr);
1147                openpic_update_irq(opp, irq);
1148                retval = opp->spve;
1149        } else {
1150                /* IRQ enter servicing state */
1151                IRQ_setbit(&dst->servicing, irq);
1152                retval = IVPR_VECTOR(opp, src->ivpr);
1153        }
1154
1155        if (!src->level) {
1156                /* edge-sensitive IRQ */
1157                src->ivpr &= ~IVPR_ACTIVITY_MASK;
1158                src->pending = 0;
1159                IRQ_resetbit(&dst->raised, irq);
1160        }
1161
1162        if ((irq >= opp->irq_ipi0) && (irq < (opp->irq_ipi0 + MAX_IPI))) {
1163                src->destmask &= ~(1 << cpu);
1164                if (src->destmask && !src->level) {
1165                        /* trigger on CPUs that didn't know about it yet */
1166                        openpic_set_irq(opp, irq, 1);
1167                        openpic_set_irq(opp, irq, 0);
1168                        /* if all CPUs knew about it, set active bit again */
1169                        src->ivpr |= IVPR_ACTIVITY_MASK;
1170                }
1171        }
1172
1173        return retval;
1174}
1175
1176void kvmppc_mpic_set_epr(struct kvm_vcpu *vcpu)
1177{
1178        struct openpic *opp = vcpu->arch.mpic;
1179        int cpu = vcpu->arch.irq_cpu_id;
1180        unsigned long flags;
1181
1182        spin_lock_irqsave(&opp->lock, flags);
1183
1184        if ((opp->gcr & opp->mpic_mode_mask) == GCR_MODE_PROXY)
1185                kvmppc_set_epr(vcpu, openpic_iack(opp, &opp->dst[cpu], cpu));
1186
1187        spin_unlock_irqrestore(&opp->lock, flags);
1188}
1189
1190static int openpic_cpu_read_internal(void *opaque, gpa_t addr,
1191                                     u32 *ptr, int idx)
1192{
1193        struct openpic *opp = opaque;
1194        struct irq_dest *dst;
1195        uint32_t retval;
1196
1197        pr_debug("%s: cpu %d addr %#llx\n", __func__, idx, addr);
1198        retval = 0xFFFFFFFF;
1199
1200        if (idx < 0)
1201                goto out;
1202
1203        if (addr & 0xF)
1204                goto out;
1205
1206        dst = &opp->dst[idx];
1207        addr &= 0xFF0;
1208        switch (addr) {
1209        case 0x80:              /* CTPR */
1210                retval = dst->ctpr;
1211                break;
1212        case 0x90:              /* WHOAMI */
1213                retval = idx;
1214                break;
1215        case 0xA0:              /* IACK */
1216                retval = openpic_iack(opp, dst, idx);
1217                break;
1218        case 0xB0:              /* EOI */
1219                retval = 0;
1220                break;
1221        default:
1222                break;
1223        }
1224        pr_debug("%s: => 0x%08x\n", __func__, retval);
1225
1226out:
1227        *ptr = retval;
1228        return 0;
1229}
1230
1231static int openpic_cpu_read(void *opaque, gpa_t addr, u32 *ptr)
1232{
1233        struct openpic *opp = opaque;
1234
1235        return openpic_cpu_read_internal(opp, addr, ptr,
1236                                         (addr & 0x1f000) >> 12);
1237}
1238
1239struct mem_reg {
1240        int (*read)(void *opaque, gpa_t addr, u32 *ptr);
1241        int (*write)(void *opaque, gpa_t addr, u32 val);
1242        gpa_t start_addr;
1243        int size;
1244};
1245
1246static const struct mem_reg openpic_gbl_mmio = {
1247        .write = openpic_gbl_write,
1248        .read = openpic_gbl_read,
1249        .start_addr = OPENPIC_GLB_REG_START,
1250        .size = OPENPIC_GLB_REG_SIZE,
1251};
1252
1253static const struct mem_reg openpic_tmr_mmio = {
1254        .write = openpic_tmr_write,
1255        .read = openpic_tmr_read,
1256        .start_addr = OPENPIC_TMR_REG_START,
1257        .size = OPENPIC_TMR_REG_SIZE,
1258};
1259
1260static const struct mem_reg openpic_cpu_mmio = {
1261        .write = openpic_cpu_write,
1262        .read = openpic_cpu_read,
1263        .start_addr = OPENPIC_CPU_REG_START,
1264        .size = OPENPIC_CPU_REG_SIZE,
1265};
1266
1267static const struct mem_reg openpic_src_mmio = {
1268        .write = openpic_src_write,
1269        .read = openpic_src_read,
1270        .start_addr = OPENPIC_SRC_REG_START,
1271        .size = OPENPIC_SRC_REG_SIZE,
1272};
1273
1274static const struct mem_reg openpic_msi_mmio = {
1275        .read = openpic_msi_read,
1276        .write = openpic_msi_write,
1277        .start_addr = OPENPIC_MSI_REG_START,
1278        .size = OPENPIC_MSI_REG_SIZE,
1279};
1280
1281static const struct mem_reg openpic_summary_mmio = {
1282        .read = openpic_summary_read,
1283        .write = openpic_summary_write,
1284        .start_addr = OPENPIC_SUMMARY_REG_START,
1285        .size = OPENPIC_SUMMARY_REG_SIZE,
1286};
1287
1288static void add_mmio_region(struct openpic *opp, const struct mem_reg *mr)
1289{
1290        if (opp->num_mmio_regions >= MAX_MMIO_REGIONS) {
1291                WARN(1, "kvm mpic: too many mmio regions\n");
1292                return;
1293        }
1294
1295        opp->mmio_regions[opp->num_mmio_regions++] = mr;
1296}
1297
1298static void fsl_common_init(struct openpic *opp)
1299{
1300        int i;
1301        int virq = MAX_SRC;
1302
1303        add_mmio_region(opp, &openpic_msi_mmio);
1304        add_mmio_region(opp, &openpic_summary_mmio);
1305
1306        opp->vid = VID_REVISION_1_2;
1307        opp->vir = VIR_GENERIC;
1308        opp->vector_mask = 0xFFFF;
1309        opp->tfrr_reset = 0;
1310        opp->ivpr_reset = IVPR_MASK_MASK;
1311        opp->idr_reset = 1 << 0;
1312        opp->max_irq = MAX_IRQ;
1313
1314        opp->irq_ipi0 = virq;
1315        virq += MAX_IPI;
1316        opp->irq_tim0 = virq;
1317        virq += MAX_TMR;
1318
1319        BUG_ON(virq > MAX_IRQ);
1320
1321        opp->irq_msi = 224;
1322
1323        for (i = 0; i < opp->fsl->max_ext; i++)
1324                opp->src[i].level = false;
1325
1326        /* Internal interrupts, including message and MSI */
1327        for (i = 16; i < MAX_SRC; i++) {
1328                opp->src[i].type = IRQ_TYPE_FSLINT;
1329                opp->src[i].level = true;
1330        }
1331
1332        /* timers and IPIs */
1333        for (i = MAX_SRC; i < virq; i++) {
1334                opp->src[i].type = IRQ_TYPE_FSLSPECIAL;
1335                opp->src[i].level = false;
1336        }
1337}
1338
1339static int kvm_mpic_read_internal(struct openpic *opp, gpa_t addr, u32 *ptr)
1340{
1341        int i;
1342
1343        for (i = 0; i < opp->num_mmio_regions; i++) {
1344                const struct mem_reg *mr = opp->mmio_regions[i];
1345
1346                if (mr->start_addr > addr || addr >= mr->start_addr + mr->size)
1347                        continue;
1348
1349                return mr->read(opp, addr - mr->start_addr, ptr);
1350        }
1351
1352        return -ENXIO;
1353}
1354
1355static int kvm_mpic_write_internal(struct openpic *opp, gpa_t addr, u32 val)
1356{
1357        int i;
1358
1359        for (i = 0; i < opp->num_mmio_regions; i++) {
1360                const struct mem_reg *mr = opp->mmio_regions[i];
1361
1362                if (mr->start_addr > addr || addr >= mr->start_addr + mr->size)
1363                        continue;
1364
1365                return mr->write(opp, addr - mr->start_addr, val);
1366        }
1367
1368        return -ENXIO;
1369}
1370
1371static int kvm_mpic_read(struct kvm_vcpu *vcpu,
1372                         struct kvm_io_device *this,
1373                         gpa_t addr, int len, void *ptr)
1374{
1375        struct openpic *opp = container_of(this, struct openpic, mmio);
1376        int ret;
1377        union {
1378                u32 val;
1379                u8 bytes[4];
1380        } u;
1381
1382        if (addr & (len - 1)) {
1383                pr_debug("%s: bad alignment %llx/%d\n",
1384                         __func__, addr, len);
1385                return -EINVAL;
1386        }
1387
1388        spin_lock_irq(&opp->lock);
1389        ret = kvm_mpic_read_internal(opp, addr - opp->reg_base, &u.val);
1390        spin_unlock_irq(&opp->lock);
1391
1392        /*
1393         * Technically only 32-bit accesses are allowed, but be nice to
1394         * people dumping registers a byte at a time -- it works in real
1395         * hardware (reads only, not writes).
1396         */
1397        if (len == 4) {
1398                *(u32 *)ptr = u.val;
1399                pr_debug("%s: addr %llx ret %d len 4 val %x\n",
1400                         __func__, addr, ret, u.val);
1401        } else if (len == 1) {
1402                *(u8 *)ptr = u.bytes[addr & 3];
1403                pr_debug("%s: addr %llx ret %d len 1 val %x\n",
1404                         __func__, addr, ret, u.bytes[addr & 3]);
1405        } else {
1406                pr_debug("%s: bad length %d\n", __func__, len);
1407                return -EINVAL;
1408        }
1409
1410        return ret;
1411}
1412
1413static int kvm_mpic_write(struct kvm_vcpu *vcpu,
1414                          struct kvm_io_device *this,
1415                          gpa_t addr, int len, const void *ptr)
1416{
1417        struct openpic *opp = container_of(this, struct openpic, mmio);
1418        int ret;
1419
1420        if (len != 4) {
1421                pr_debug("%s: bad length %d\n", __func__, len);
1422                return -EOPNOTSUPP;
1423        }
1424        if (addr & 3) {
1425                pr_debug("%s: bad alignment %llx/%d\n", __func__, addr, len);
1426                return -EOPNOTSUPP;
1427        }
1428
1429        spin_lock_irq(&opp->lock);
1430        ret = kvm_mpic_write_internal(opp, addr - opp->reg_base,
1431                                      *(const u32 *)ptr);
1432        spin_unlock_irq(&opp->lock);
1433
1434        pr_debug("%s: addr %llx ret %d val %x\n",
1435                 __func__, addr, ret, *(const u32 *)ptr);
1436
1437        return ret;
1438}
1439
1440static const struct kvm_io_device_ops mpic_mmio_ops = {
1441        .read = kvm_mpic_read,
1442        .write = kvm_mpic_write,
1443};
1444
1445static void map_mmio(struct openpic *opp)
1446{
1447        kvm_iodevice_init(&opp->mmio, &mpic_mmio_ops);
1448
1449        kvm_io_bus_register_dev(opp->kvm, KVM_MMIO_BUS,
1450                                opp->reg_base, OPENPIC_REG_SIZE,
1451                                &opp->mmio);
1452}
1453
1454static void unmap_mmio(struct openpic *opp)
1455{
1456        kvm_io_bus_unregister_dev(opp->kvm, KVM_MMIO_BUS, &opp->mmio);
1457}
1458
1459static int set_base_addr(struct openpic *opp, struct kvm_device_attr *attr)
1460{
1461        u64 base;
1462
1463        if (copy_from_user(&base, (u64 __user *)(long)attr->addr, sizeof(u64)))
1464                return -EFAULT;
1465
1466        if (base & 0x3ffff) {
1467                pr_debug("kvm mpic %s: KVM_DEV_MPIC_BASE_ADDR %08llx not aligned\n",
1468                         __func__, base);
1469                return -EINVAL;
1470        }
1471
1472        if (base == opp->reg_base)
1473                return 0;
1474
1475        mutex_lock(&opp->kvm->slots_lock);
1476
1477        unmap_mmio(opp);
1478        opp->reg_base = base;
1479
1480        pr_debug("kvm mpic %s: KVM_DEV_MPIC_BASE_ADDR %08llx\n",
1481                 __func__, base);
1482
1483        if (base == 0)
1484                goto out;
1485
1486        map_mmio(opp);
1487
1488out:
1489        mutex_unlock(&opp->kvm->slots_lock);
1490        return 0;
1491}
1492
1493#define ATTR_SET                0
1494#define ATTR_GET                1
1495
1496static int access_reg(struct openpic *opp, gpa_t addr, u32 *val, int type)
1497{
1498        int ret;
1499
1500        if (addr & 3)
1501                return -ENXIO;
1502
1503        spin_lock_irq(&opp->lock);
1504
1505        if (type == ATTR_SET)
1506                ret = kvm_mpic_write_internal(opp, addr, *val);
1507        else
1508                ret = kvm_mpic_read_internal(opp, addr, val);
1509
1510        spin_unlock_irq(&opp->lock);
1511
1512        pr_debug("%s: type %d addr %llx val %x\n", __func__, type, addr, *val);
1513
1514        return ret;
1515}
1516
1517static int mpic_set_attr(struct kvm_device *dev, struct kvm_device_attr *attr)
1518{
1519        struct openpic *opp = dev->private;
1520        u32 attr32;
1521
1522        switch (attr->group) {
1523        case KVM_DEV_MPIC_GRP_MISC:
1524                switch (attr->attr) {
1525                case KVM_DEV_MPIC_BASE_ADDR:
1526                        return set_base_addr(opp, attr);
1527                }
1528
1529                break;
1530
1531        case KVM_DEV_MPIC_GRP_REGISTER:
1532                if (get_user(attr32, (u32 __user *)(long)attr->addr))
1533                        return -EFAULT;
1534
1535                return access_reg(opp, attr->attr, &attr32, ATTR_SET);
1536
1537        case KVM_DEV_MPIC_GRP_IRQ_ACTIVE:
1538                if (attr->attr > MAX_SRC)
1539                        return -EINVAL;
1540
1541                if (get_user(attr32, (u32 __user *)(long)attr->addr))
1542                        return -EFAULT;
1543
1544                if (attr32 != 0 && attr32 != 1)
1545                        return -EINVAL;
1546
1547                spin_lock_irq(&opp->lock);
1548                openpic_set_irq(opp, attr->attr, attr32);
1549                spin_unlock_irq(&opp->lock);
1550                return 0;
1551        }
1552
1553        return -ENXIO;
1554}
1555
1556static int mpic_get_attr(struct kvm_device *dev, struct kvm_device_attr *attr)
1557{
1558        struct openpic *opp = dev->private;
1559        u64 attr64;
1560        u32 attr32;
1561        int ret;
1562
1563        switch (attr->group) {
1564        case KVM_DEV_MPIC_GRP_MISC:
1565                switch (attr->attr) {
1566                case KVM_DEV_MPIC_BASE_ADDR:
1567                        mutex_lock(&opp->kvm->slots_lock);
1568                        attr64 = opp->reg_base;
1569                        mutex_unlock(&opp->kvm->slots_lock);
1570
1571                        if (copy_to_user((u64 __user *)(long)attr->addr,
1572                                         &attr64, sizeof(u64)))
1573                                return -EFAULT;
1574
1575                        return 0;
1576                }
1577
1578                break;
1579
1580        case KVM_DEV_MPIC_GRP_REGISTER:
1581                ret = access_reg(opp, attr->attr, &attr32, ATTR_GET);
1582                if (ret)
1583                        return ret;
1584
1585                if (put_user(attr32, (u32 __user *)(long)attr->addr))
1586                        return -EFAULT;
1587
1588                return 0;
1589
1590        case KVM_DEV_MPIC_GRP_IRQ_ACTIVE:
1591                if (attr->attr > MAX_SRC)
1592                        return -EINVAL;
1593
1594                spin_lock_irq(&opp->lock);
1595                attr32 = opp->src[attr->attr].pending;
1596                spin_unlock_irq(&opp->lock);
1597
1598                if (put_user(attr32, (u32 __user *)(long)attr->addr))
1599                        return -EFAULT;
1600
1601                return 0;
1602        }
1603
1604        return -ENXIO;
1605}
1606
1607static int mpic_has_attr(struct kvm_device *dev, struct kvm_device_attr *attr)
1608{
1609        switch (attr->group) {
1610        case KVM_DEV_MPIC_GRP_MISC:
1611                switch (attr->attr) {
1612                case KVM_DEV_MPIC_BASE_ADDR:
1613                        return 0;
1614                }
1615
1616                break;
1617
1618        case KVM_DEV_MPIC_GRP_REGISTER:
1619                return 0;
1620
1621        case KVM_DEV_MPIC_GRP_IRQ_ACTIVE:
1622                if (attr->attr > MAX_SRC)
1623                        break;
1624
1625                return 0;
1626        }
1627
1628        return -ENXIO;
1629}
1630
1631static void mpic_destroy(struct kvm_device *dev)
1632{
1633        struct openpic *opp = dev->private;
1634
1635        dev->kvm->arch.mpic = NULL;
1636        kfree(opp);
1637        kfree(dev);
1638}
1639
1640static int mpic_set_default_irq_routing(struct openpic *opp)
1641{
1642        struct kvm_irq_routing_entry *routing;
1643
1644        /* Create a nop default map, so that dereferencing it still works */
1645        routing = kzalloc((sizeof(*routing)), GFP_KERNEL);
1646        if (!routing)
1647                return -ENOMEM;
1648
1649        kvm_set_irq_routing(opp->kvm, routing, 0, 0);
1650
1651        kfree(routing);
1652        return 0;
1653}
1654
1655static int mpic_create(struct kvm_device *dev, u32 type)
1656{
1657        struct openpic *opp;
1658        int ret;
1659
1660        /* We only support one MPIC at a time for now */
1661        if (dev->kvm->arch.mpic)
1662                return -EINVAL;
1663
1664        opp = kzalloc(sizeof(struct openpic), GFP_KERNEL);
1665        if (!opp)
1666                return -ENOMEM;
1667
1668        dev->private = opp;
1669        opp->kvm = dev->kvm;
1670        opp->dev = dev;
1671        opp->model = type;
1672        spin_lock_init(&opp->lock);
1673
1674        add_mmio_region(opp, &openpic_gbl_mmio);
1675        add_mmio_region(opp, &openpic_tmr_mmio);
1676        add_mmio_region(opp, &openpic_src_mmio);
1677        add_mmio_region(opp, &openpic_cpu_mmio);
1678
1679        switch (opp->model) {
1680        case KVM_DEV_TYPE_FSL_MPIC_20:
1681                opp->fsl = &fsl_mpic_20;
1682                opp->brr1 = 0x00400200;
1683                opp->flags |= OPENPIC_FLAG_IDR_CRIT;
1684                opp->nb_irqs = 80;
1685                opp->mpic_mode_mask = GCR_MODE_MIXED;
1686
1687                fsl_common_init(opp);
1688
1689                break;
1690
1691        case KVM_DEV_TYPE_FSL_MPIC_42:
1692                opp->fsl = &fsl_mpic_42;
1693                opp->brr1 = 0x00400402;
1694                opp->flags |= OPENPIC_FLAG_ILR;
1695                opp->nb_irqs = 196;
1696                opp->mpic_mode_mask = GCR_MODE_PROXY;
1697
1698                fsl_common_init(opp);
1699
1700                break;
1701
1702        default:
1703                ret = -ENODEV;
1704                goto err;
1705        }
1706
1707        ret = mpic_set_default_irq_routing(opp);
1708        if (ret)
1709                goto err;
1710
1711        openpic_reset(opp);
1712
1713        smp_wmb();
1714        dev->kvm->arch.mpic = opp;
1715
1716        return 0;
1717
1718err:
1719        kfree(opp);
1720        return ret;
1721}
1722
1723struct kvm_device_ops kvm_mpic_ops = {
1724        .name = "kvm-mpic",
1725        .create = mpic_create,
1726        .destroy = mpic_destroy,
1727        .set_attr = mpic_set_attr,
1728        .get_attr = mpic_get_attr,
1729        .has_attr = mpic_has_attr,
1730};
1731
1732int kvmppc_mpic_connect_vcpu(struct kvm_device *dev, struct kvm_vcpu *vcpu,
1733                             u32 cpu)
1734{
1735        struct openpic *opp = dev->private;
1736        int ret = 0;
1737
1738        if (dev->ops != &kvm_mpic_ops)
1739                return -EPERM;
1740        if (opp->kvm != vcpu->kvm)
1741                return -EPERM;
1742        if (cpu < 0 || cpu >= MAX_CPU)
1743                return -EPERM;
1744
1745        spin_lock_irq(&opp->lock);
1746
1747        if (opp->dst[cpu].vcpu) {
1748                ret = -EEXIST;
1749                goto out;
1750        }
1751        if (vcpu->arch.irq_type) {
1752                ret = -EBUSY;
1753                goto out;
1754        }
1755
1756        opp->dst[cpu].vcpu = vcpu;
1757        opp->nb_cpus = max(opp->nb_cpus, cpu + 1);
1758
1759        vcpu->arch.mpic = opp;
1760        vcpu->arch.irq_cpu_id = cpu;
1761        vcpu->arch.irq_type = KVMPPC_IRQ_MPIC;
1762
1763        /* This might need to be changed if GCR gets extended */
1764        if (opp->mpic_mode_mask == GCR_MODE_PROXY)
1765                vcpu->arch.epr_flags |= KVMPPC_EPR_KERNEL;
1766
1767out:
1768        spin_unlock_irq(&opp->lock);
1769        return ret;
1770}
1771
1772/*
1773 * This should only happen immediately before the mpic is destroyed,
1774 * so we shouldn't need to worry about anything still trying to
1775 * access the vcpu pointer.
1776 */
1777void kvmppc_mpic_disconnect_vcpu(struct openpic *opp, struct kvm_vcpu *vcpu)
1778{
1779        BUG_ON(!opp->dst[vcpu->arch.irq_cpu_id].vcpu);
1780
1781        opp->dst[vcpu->arch.irq_cpu_id].vcpu = NULL;
1782}
1783
1784/*
1785 * Return value:
1786 *  < 0   Interrupt was ignored (masked or not delivered for other reasons)
1787 *  = 0   Interrupt was coalesced (previous irq is still pending)
1788 *  > 0   Number of CPUs interrupt was delivered to
1789 */
1790static int mpic_set_irq(struct kvm_kernel_irq_routing_entry *e,
1791                        struct kvm *kvm, int irq_source_id, int level,
1792                        bool line_status)
1793{
1794        u32 irq = e->irqchip.pin;
1795        struct openpic *opp = kvm->arch.mpic;
1796        unsigned long flags;
1797
1798        spin_lock_irqsave(&opp->lock, flags);
1799        openpic_set_irq(opp, irq, level);
1800        spin_unlock_irqrestore(&opp->lock, flags);
1801
1802        /* All code paths we care about don't check for the return value */
1803        return 0;
1804}
1805
1806int kvm_set_msi(struct kvm_kernel_irq_routing_entry *e,
1807                struct kvm *kvm, int irq_source_id, int level, bool line_status)
1808{
1809        struct openpic *opp = kvm->arch.mpic;
1810        unsigned long flags;
1811
1812        spin_lock_irqsave(&opp->lock, flags);
1813
1814        /*
1815         * XXX We ignore the target address for now, as we only support
1816         *     a single MSI bank.
1817         */
1818        openpic_msi_write(kvm->arch.mpic, MSIIR_OFFSET, e->msi.data);
1819        spin_unlock_irqrestore(&opp->lock, flags);
1820
1821        /* All code paths we care about don't check for the return value */
1822        return 0;
1823}
1824
1825int kvm_set_routing_entry(struct kvm *kvm,
1826                          struct kvm_kernel_irq_routing_entry *e,
1827                          const struct kvm_irq_routing_entry *ue)
1828{
1829        int r = -EINVAL;
1830
1831        switch (ue->type) {
1832        case KVM_IRQ_ROUTING_IRQCHIP:
1833                e->set = mpic_set_irq;
1834                e->irqchip.irqchip = ue->u.irqchip.irqchip;
1835                e->irqchip.pin = ue->u.irqchip.pin;
1836                if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
1837                        goto out;
1838                break;
1839        case KVM_IRQ_ROUTING_MSI:
1840                e->set = kvm_set_msi;
1841                e->msi.address_lo = ue->u.msi.address_lo;
1842                e->msi.address_hi = ue->u.msi.address_hi;
1843                e->msi.data = ue->u.msi.data;
1844                break;
1845        default:
1846                goto out;
1847        }
1848
1849        r = 0;
1850out:
1851        return r;
1852}
1853