ppc: add host-serial and host-model machine attributes (CVE-2019-8934)
[qemu.git] / include / hw / ppc / spapr.h
1 #ifndef HW_SPAPR_H
2 #define HW_SPAPR_H
3
4 #include "qemu/units.h"
5 #include "sysemu/dma.h"
6 #include "hw/boards.h"
7 #include "hw/ppc/spapr_drc.h"
8 #include "hw/mem/pc-dimm.h"
9 #include "hw/ppc/spapr_ovec.h"
10 #include "hw/ppc/spapr_irq.h"
11 #include "hw/ppc/spapr_xive.h" /* For sPAPRXive */
12 #include "hw/ppc/xics.h" /* For ICSState */
13
14 struct VIOsPAPRBus;
15 struct sPAPRPHBState;
16 struct sPAPRNVRAM;
17
18 typedef struct sPAPREventLogEntry sPAPREventLogEntry;
19 typedef struct sPAPREventSource sPAPREventSource;
20 typedef struct sPAPRPendingHPT sPAPRPendingHPT;
21
22 #define HPTE64_V_HPTE_DIRTY 0x0000000000000040ULL
23 #define SPAPR_ENTRY_POINT 0x100
24
25 #define SPAPR_TIMEBASE_FREQ 512000000ULL
26
27 #define TYPE_SPAPR_RTC "spapr-rtc"
28
29 #define SPAPR_RTC(obj) \
30 OBJECT_CHECK(sPAPRRTCState, (obj), TYPE_SPAPR_RTC)
31
32 typedef struct sPAPRRTCState sPAPRRTCState;
33 struct sPAPRRTCState {
34 /*< private >*/
35 DeviceState parent_obj;
36 int64_t ns_offset;
37 };
38
39 typedef struct sPAPRDIMMState sPAPRDIMMState;
40 typedef struct sPAPRMachineClass sPAPRMachineClass;
41
42 #define TYPE_SPAPR_MACHINE "spapr-machine"
43 #define SPAPR_MACHINE(obj) \
44 OBJECT_CHECK(sPAPRMachineState, (obj), TYPE_SPAPR_MACHINE)
45 #define SPAPR_MACHINE_GET_CLASS(obj) \
46 OBJECT_GET_CLASS(sPAPRMachineClass, obj, TYPE_SPAPR_MACHINE)
47 #define SPAPR_MACHINE_CLASS(klass) \
48 OBJECT_CLASS_CHECK(sPAPRMachineClass, klass, TYPE_SPAPR_MACHINE)
49
50 typedef enum {
51 SPAPR_RESIZE_HPT_DEFAULT = 0,
52 SPAPR_RESIZE_HPT_DISABLED,
53 SPAPR_RESIZE_HPT_ENABLED,
54 SPAPR_RESIZE_HPT_REQUIRED,
55 } sPAPRResizeHPT;
56
57 /**
58 * Capabilities
59 */
60
61 /* Hardware Transactional Memory */
62 #define SPAPR_CAP_HTM 0x00
63 /* Vector Scalar Extensions */
64 #define SPAPR_CAP_VSX 0x01
65 /* Decimal Floating Point */
66 #define SPAPR_CAP_DFP 0x02
67 /* Cache Flush on Privilege Change */
68 #define SPAPR_CAP_CFPC 0x03
69 /* Speculation Barrier Bounds Checking */
70 #define SPAPR_CAP_SBBC 0x04
71 /* Indirect Branch Serialisation */
72 #define SPAPR_CAP_IBS 0x05
73 /* HPT Maximum Page Size (encoded as a shift) */
74 #define SPAPR_CAP_HPT_MAXPAGESIZE 0x06
75 /* Nested KVM-HV */
76 #define SPAPR_CAP_NESTED_KVM_HV 0x07
77 /* Num Caps */
78 #define SPAPR_CAP_NUM (SPAPR_CAP_NESTED_KVM_HV + 1)
79
80 /*
81 * Capability Values
82 */
83 /* Bool Caps */
84 #define SPAPR_CAP_OFF 0x00
85 #define SPAPR_CAP_ON 0x01
86 /* Custom Caps */
87 #define SPAPR_CAP_BROKEN 0x00
88 #define SPAPR_CAP_WORKAROUND 0x01
89 #define SPAPR_CAP_FIXED 0x02
90 #define SPAPR_CAP_FIXED_IBS 0x02
91 #define SPAPR_CAP_FIXED_CCD 0x03
92
93 typedef struct sPAPRCapabilities sPAPRCapabilities;
94 struct sPAPRCapabilities {
95 uint8_t caps[SPAPR_CAP_NUM];
96 };
97
98 /**
99 * sPAPRMachineClass:
100 */
101 struct sPAPRMachineClass {
102 /*< private >*/
103 MachineClass parent_class;
104
105 /*< public >*/
106 bool dr_lmb_enabled; /* enable dynamic-reconfig/hotplug of LMBs */
107 bool update_dt_enabled; /* enable KVMPPC_H_UPDATE_DT */
108 bool use_ohci_by_default; /* use USB-OHCI instead of XHCI */
109 bool pre_2_10_has_unused_icps;
110 bool legacy_irq_allocation;
111
112 void (*phb_placement)(sPAPRMachineState *spapr, uint32_t index,
113 uint64_t *buid, hwaddr *pio,
114 hwaddr *mmio32, hwaddr *mmio64,
115 unsigned n_dma, uint32_t *liobns, Error **errp);
116 sPAPRResizeHPT resize_hpt_default;
117 sPAPRCapabilities default_caps;
118 sPAPRIrq *irq;
119 };
120
121 /**
122 * sPAPRMachineState:
123 */
124 struct sPAPRMachineState {
125 /*< private >*/
126 MachineState parent_obj;
127
128 struct VIOsPAPRBus *vio_bus;
129 QLIST_HEAD(, sPAPRPHBState) phbs;
130 struct sPAPRNVRAM *nvram;
131 ICSState *ics;
132 sPAPRRTCState rtc;
133
134 sPAPRResizeHPT resize_hpt;
135 void *htab;
136 uint32_t htab_shift;
137 uint64_t patb_entry; /* Process tbl registed in H_REGISTER_PROCESS_TABLE */
138 sPAPRPendingHPT *pending_hpt; /* in-progress resize */
139
140 hwaddr rma_size;
141 int vrma_adjust;
142 ssize_t rtas_size;
143 void *rtas_blob;
144 uint32_t fdt_size;
145 uint32_t fdt_initial_size;
146 void *fdt_blob;
147 long kernel_size;
148 bool kernel_le;
149 uint32_t initrd_base;
150 long initrd_size;
151 uint64_t rtc_offset; /* Now used only during incoming migration */
152 struct PPCTimebase tb;
153 bool has_graphics;
154 uint32_t vsmt; /* Virtual SMT mode (KVM's "core stride") */
155
156 Notifier epow_notifier;
157 QTAILQ_HEAD(, sPAPREventLogEntry) pending_events;
158 bool use_hotplug_event_source;
159 sPAPREventSource *event_sources;
160
161 /* ibm,client-architecture-support option negotiation */
162 bool cas_reboot;
163 bool cas_legacy_guest_workaround;
164 sPAPROptionVector *ov5; /* QEMU-supported option vectors */
165 sPAPROptionVector *ov5_cas; /* negotiated (via CAS) option vectors */
166 uint32_t max_compat_pvr;
167
168 /* Migration state */
169 int htab_save_index;
170 bool htab_first_pass;
171 int htab_fd;
172
173 /* Pending DIMM unplug cache. It is populated when a LMB
174 * unplug starts. It can be regenerated if a migration
175 * occurs during the unplug process. */
176 QTAILQ_HEAD(, sPAPRDIMMState) pending_dimm_unplugs;
177
178 /*< public >*/
179 char *kvm_type;
180 char *host_model;
181 char *host_serial;
182
183 int32_t irq_map_nr;
184 unsigned long *irq_map;
185 sPAPRXive *xive;
186 sPAPRIrq *irq;
187 qemu_irq *qirqs;
188
189 bool cmd_line_caps[SPAPR_CAP_NUM];
190 sPAPRCapabilities def, eff, mig;
191 };
192
193 #define H_SUCCESS 0
194 #define H_BUSY 1 /* Hardware busy -- retry later */
195 #define H_CLOSED 2 /* Resource closed */
196 #define H_NOT_AVAILABLE 3
197 #define H_CONSTRAINED 4 /* Resource request constrained to max allowed */
198 #define H_PARTIAL 5
199 #define H_IN_PROGRESS 14 /* Kind of like busy */
200 #define H_PAGE_REGISTERED 15
201 #define H_PARTIAL_STORE 16
202 #define H_PENDING 17 /* returned from H_POLL_PENDING */
203 #define H_CONTINUE 18 /* Returned from H_Join on success */
204 #define H_LONG_BUSY_START_RANGE 9900 /* Start of long busy range */
205 #define H_LONG_BUSY_ORDER_1_MSEC 9900 /* Long busy, hint that 1msec \
206 is a good time to retry */
207 #define H_LONG_BUSY_ORDER_10_MSEC 9901 /* Long busy, hint that 10msec \
208 is a good time to retry */
209 #define H_LONG_BUSY_ORDER_100_MSEC 9902 /* Long busy, hint that 100msec \
210 is a good time to retry */
211 #define H_LONG_BUSY_ORDER_1_SEC 9903 /* Long busy, hint that 1sec \
212 is a good time to retry */
213 #define H_LONG_BUSY_ORDER_10_SEC 9904 /* Long busy, hint that 10sec \
214 is a good time to retry */
215 #define H_LONG_BUSY_ORDER_100_SEC 9905 /* Long busy, hint that 100sec \
216 is a good time to retry */
217 #define H_LONG_BUSY_END_RANGE 9905 /* End of long busy range */
218 #define H_HARDWARE -1 /* Hardware error */
219 #define H_FUNCTION -2 /* Function not supported */
220 #define H_PRIVILEGE -3 /* Caller not privileged */
221 #define H_PARAMETER -4 /* Parameter invalid, out-of-range or conflicting */
222 #define H_BAD_MODE -5 /* Illegal msr value */
223 #define H_PTEG_FULL -6 /* PTEG is full */
224 #define H_NOT_FOUND -7 /* PTE was not found" */
225 #define H_RESERVED_DABR -8 /* DABR address is reserved by the hypervisor on this processor" */
226 #define H_NO_MEM -9
227 #define H_AUTHORITY -10
228 #define H_PERMISSION -11
229 #define H_DROPPED -12
230 #define H_SOURCE_PARM -13
231 #define H_DEST_PARM -14
232 #define H_REMOTE_PARM -15
233 #define H_RESOURCE -16
234 #define H_ADAPTER_PARM -17
235 #define H_RH_PARM -18
236 #define H_RCQ_PARM -19
237 #define H_SCQ_PARM -20
238 #define H_EQ_PARM -21
239 #define H_RT_PARM -22
240 #define H_ST_PARM -23
241 #define H_SIGT_PARM -24
242 #define H_TOKEN_PARM -25
243 #define H_MLENGTH_PARM -27
244 #define H_MEM_PARM -28
245 #define H_MEM_ACCESS_PARM -29
246 #define H_ATTR_PARM -30
247 #define H_PORT_PARM -31
248 #define H_MCG_PARM -32
249 #define H_VL_PARM -33
250 #define H_TSIZE_PARM -34
251 #define H_TRACE_PARM -35
252
253 #define H_MASK_PARM -37
254 #define H_MCG_FULL -38
255 #define H_ALIAS_EXIST -39
256 #define H_P_COUNTER -40
257 #define H_TABLE_FULL -41
258 #define H_ALT_TABLE -42
259 #define H_MR_CONDITION -43
260 #define H_NOT_ENOUGH_RESOURCES -44
261 #define H_R_STATE -45
262 #define H_RESCINDEND -46
263 #define H_P2 -55
264 #define H_P3 -56
265 #define H_P4 -57
266 #define H_P5 -58
267 #define H_P6 -59
268 #define H_P7 -60
269 #define H_P8 -61
270 #define H_P9 -62
271 #define H_UNSUPPORTED_FLAG -256
272 #define H_MULTI_THREADS_ACTIVE -9005
273
274
275 /* Long Busy is a condition that can be returned by the firmware
276 * when a call cannot be completed now, but the identical call
277 * should be retried later. This prevents calls blocking in the
278 * firmware for long periods of time. Annoyingly the firmware can return
279 * a range of return codes, hinting at how long we should wait before
280 * retrying. If you don't care for the hint, the macro below is a good
281 * way to check for the long_busy return codes
282 */
283 #define H_IS_LONG_BUSY(x) ((x >= H_LONG_BUSY_START_RANGE) \
284 && (x <= H_LONG_BUSY_END_RANGE))
285
286 /* Flags */
287 #define H_LARGE_PAGE (1ULL<<(63-16))
288 #define H_EXACT (1ULL<<(63-24)) /* Use exact PTE or return H_PTEG_FULL */
289 #define H_R_XLATE (1ULL<<(63-25)) /* include a valid logical page num in the pte if the valid bit is set */
290 #define H_READ_4 (1ULL<<(63-26)) /* Return 4 PTEs */
291 #define H_PAGE_STATE_CHANGE (1ULL<<(63-28))
292 #define H_PAGE_UNUSED ((1ULL<<(63-29)) | (1ULL<<(63-30)))
293 #define H_PAGE_SET_UNUSED (H_PAGE_STATE_CHANGE | H_PAGE_UNUSED)
294 #define H_PAGE_SET_LOANED (H_PAGE_SET_UNUSED | (1ULL<<(63-31)))
295 #define H_PAGE_SET_ACTIVE H_PAGE_STATE_CHANGE
296 #define H_AVPN (1ULL<<(63-32)) /* An avpn is provided as a sanity test */
297 #define H_ANDCOND (1ULL<<(63-33))
298 #define H_ICACHE_INVALIDATE (1ULL<<(63-40)) /* icbi, etc. (ignored for IO pages) */
299 #define H_ICACHE_SYNCHRONIZE (1ULL<<(63-41)) /* dcbst, icbi, etc (ignored for IO pages */
300 #define H_ZERO_PAGE (1ULL<<(63-48)) /* zero the page before mapping (ignored for IO pages) */
301 #define H_COPY_PAGE (1ULL<<(63-49))
302 #define H_N (1ULL<<(63-61))
303 #define H_PP1 (1ULL<<(63-62))
304 #define H_PP2 (1ULL<<(63-63))
305
306 /* Values for 2nd argument to H_SET_MODE */
307 #define H_SET_MODE_RESOURCE_SET_CIABR 1
308 #define H_SET_MODE_RESOURCE_SET_DAWR 2
309 #define H_SET_MODE_RESOURCE_ADDR_TRANS_MODE 3
310 #define H_SET_MODE_RESOURCE_LE 4
311
312 /* Flags for H_SET_MODE_RESOURCE_LE */
313 #define H_SET_MODE_ENDIAN_BIG 0
314 #define H_SET_MODE_ENDIAN_LITTLE 1
315
316 /* VASI States */
317 #define H_VASI_INVALID 0
318 #define H_VASI_ENABLED 1
319 #define H_VASI_ABORTED 2
320 #define H_VASI_SUSPENDING 3
321 #define H_VASI_SUSPENDED 4
322 #define H_VASI_RESUMED 5
323 #define H_VASI_COMPLETED 6
324
325 /* DABRX flags */
326 #define H_DABRX_HYPERVISOR (1ULL<<(63-61))
327 #define H_DABRX_KERNEL (1ULL<<(63-62))
328 #define H_DABRX_USER (1ULL<<(63-63))
329
330 /* Values for KVM_PPC_GET_CPU_CHAR & H_GET_CPU_CHARACTERISTICS */
331 #define H_CPU_CHAR_SPEC_BAR_ORI31 PPC_BIT(0)
332 #define H_CPU_CHAR_BCCTRL_SERIALISED PPC_BIT(1)
333 #define H_CPU_CHAR_L1D_FLUSH_ORI30 PPC_BIT(2)
334 #define H_CPU_CHAR_L1D_FLUSH_TRIG2 PPC_BIT(3)
335 #define H_CPU_CHAR_L1D_THREAD_PRIV PPC_BIT(4)
336 #define H_CPU_CHAR_HON_BRANCH_HINTS PPC_BIT(5)
337 #define H_CPU_CHAR_THR_RECONF_TRIG PPC_BIT(6)
338 #define H_CPU_CHAR_CACHE_COUNT_DIS PPC_BIT(7)
339 #define H_CPU_BEHAV_FAVOUR_SECURITY PPC_BIT(0)
340 #define H_CPU_BEHAV_L1D_FLUSH_PR PPC_BIT(1)
341 #define H_CPU_BEHAV_BNDS_CHK_SPEC_BAR PPC_BIT(2)
342
343 /* Each control block has to be on a 4K boundary */
344 #define H_CB_ALIGNMENT 4096
345
346 /* pSeries hypervisor opcodes */
347 #define H_REMOVE 0x04
348 #define H_ENTER 0x08
349 #define H_READ 0x0c
350 #define H_CLEAR_MOD 0x10
351 #define H_CLEAR_REF 0x14
352 #define H_PROTECT 0x18
353 #define H_GET_TCE 0x1c
354 #define H_PUT_TCE 0x20
355 #define H_SET_SPRG0 0x24
356 #define H_SET_DABR 0x28
357 #define H_PAGE_INIT 0x2c
358 #define H_SET_ASR 0x30
359 #define H_ASR_ON 0x34
360 #define H_ASR_OFF 0x38
361 #define H_LOGICAL_CI_LOAD 0x3c
362 #define H_LOGICAL_CI_STORE 0x40
363 #define H_LOGICAL_CACHE_LOAD 0x44
364 #define H_LOGICAL_CACHE_STORE 0x48
365 #define H_LOGICAL_ICBI 0x4c
366 #define H_LOGICAL_DCBF 0x50
367 #define H_GET_TERM_CHAR 0x54
368 #define H_PUT_TERM_CHAR 0x58
369 #define H_REAL_TO_LOGICAL 0x5c
370 #define H_HYPERVISOR_DATA 0x60
371 #define H_EOI 0x64
372 #define H_CPPR 0x68
373 #define H_IPI 0x6c
374 #define H_IPOLL 0x70
375 #define H_XIRR 0x74
376 #define H_PERFMON 0x7c
377 #define H_MIGRATE_DMA 0x78
378 #define H_REGISTER_VPA 0xDC
379 #define H_CEDE 0xE0
380 #define H_CONFER 0xE4
381 #define H_PROD 0xE8
382 #define H_GET_PPP 0xEC
383 #define H_SET_PPP 0xF0
384 #define H_PURR 0xF4
385 #define H_PIC 0xF8
386 #define H_REG_CRQ 0xFC
387 #define H_FREE_CRQ 0x100
388 #define H_VIO_SIGNAL 0x104
389 #define H_SEND_CRQ 0x108
390 #define H_COPY_RDMA 0x110
391 #define H_REGISTER_LOGICAL_LAN 0x114
392 #define H_FREE_LOGICAL_LAN 0x118
393 #define H_ADD_LOGICAL_LAN_BUFFER 0x11C
394 #define H_SEND_LOGICAL_LAN 0x120
395 #define H_BULK_REMOVE 0x124
396 #define H_MULTICAST_CTRL 0x130
397 #define H_SET_XDABR 0x134
398 #define H_STUFF_TCE 0x138
399 #define H_PUT_TCE_INDIRECT 0x13C
400 #define H_CHANGE_LOGICAL_LAN_MAC 0x14C
401 #define H_VTERM_PARTNER_INFO 0x150
402 #define H_REGISTER_VTERM 0x154
403 #define H_FREE_VTERM 0x158
404 #define H_RESET_EVENTS 0x15C
405 #define H_ALLOC_RESOURCE 0x160
406 #define H_FREE_RESOURCE 0x164
407 #define H_MODIFY_QP 0x168
408 #define H_QUERY_QP 0x16C
409 #define H_REREGISTER_PMR 0x170
410 #define H_REGISTER_SMR 0x174
411 #define H_QUERY_MR 0x178
412 #define H_QUERY_MW 0x17C
413 #define H_QUERY_HCA 0x180
414 #define H_QUERY_PORT 0x184
415 #define H_MODIFY_PORT 0x188
416 #define H_DEFINE_AQP1 0x18C
417 #define H_GET_TRACE_BUFFER 0x190
418 #define H_DEFINE_AQP0 0x194
419 #define H_RESIZE_MR 0x198
420 #define H_ATTACH_MCQP 0x19C
421 #define H_DETACH_MCQP 0x1A0
422 #define H_CREATE_RPT 0x1A4
423 #define H_REMOVE_RPT 0x1A8
424 #define H_REGISTER_RPAGES 0x1AC
425 #define H_DISABLE_AND_GETC 0x1B0
426 #define H_ERROR_DATA 0x1B4
427 #define H_GET_HCA_INFO 0x1B8
428 #define H_GET_PERF_COUNT 0x1BC
429 #define H_MANAGE_TRACE 0x1C0
430 #define H_GET_CPU_CHARACTERISTICS 0x1C8
431 #define H_FREE_LOGICAL_LAN_BUFFER 0x1D4
432 #define H_QUERY_INT_STATE 0x1E4
433 #define H_POLL_PENDING 0x1D8
434 #define H_ILLAN_ATTRIBUTES 0x244
435 #define H_MODIFY_HEA_QP 0x250
436 #define H_QUERY_HEA_QP 0x254
437 #define H_QUERY_HEA 0x258
438 #define H_QUERY_HEA_PORT 0x25C
439 #define H_MODIFY_HEA_PORT 0x260
440 #define H_REG_BCMC 0x264
441 #define H_DEREG_BCMC 0x268
442 #define H_REGISTER_HEA_RPAGES 0x26C
443 #define H_DISABLE_AND_GET_HEA 0x270
444 #define H_GET_HEA_INFO 0x274
445 #define H_ALLOC_HEA_RESOURCE 0x278
446 #define H_ADD_CONN 0x284
447 #define H_DEL_CONN 0x288
448 #define H_JOIN 0x298
449 #define H_VASI_STATE 0x2A4
450 #define H_ENABLE_CRQ 0x2B0
451 #define H_GET_EM_PARMS 0x2B8
452 #define H_SET_MPP 0x2D0
453 #define H_GET_MPP 0x2D4
454 #define H_HOME_NODE_ASSOCIATIVITY 0x2EC
455 #define H_XIRR_X 0x2FC
456 #define H_RANDOM 0x300
457 #define H_SET_MODE 0x31C
458 #define H_RESIZE_HPT_PREPARE 0x36C
459 #define H_RESIZE_HPT_COMMIT 0x370
460 #define H_CLEAN_SLB 0x374
461 #define H_INVALIDATE_PID 0x378
462 #define H_REGISTER_PROC_TBL 0x37C
463 #define H_SIGNAL_SYS_RESET 0x380
464
465 #define H_INT_GET_SOURCE_INFO 0x3A8
466 #define H_INT_SET_SOURCE_CONFIG 0x3AC
467 #define H_INT_GET_SOURCE_CONFIG 0x3B0
468 #define H_INT_GET_QUEUE_INFO 0x3B4
469 #define H_INT_SET_QUEUE_CONFIG 0x3B8
470 #define H_INT_GET_QUEUE_CONFIG 0x3BC
471 #define H_INT_SET_OS_REPORTING_LINE 0x3C0
472 #define H_INT_GET_OS_REPORTING_LINE 0x3C4
473 #define H_INT_ESB 0x3C8
474 #define H_INT_SYNC 0x3CC
475 #define H_INT_RESET 0x3D0
476
477 #define MAX_HCALL_OPCODE H_INT_RESET
478
479 /* The hcalls above are standardized in PAPR and implemented by pHyp
480 * as well.
481 *
482 * We also need some hcalls which are specific to qemu / KVM-on-POWER.
483 * We put those into the 0xf000-0xfffc range which is reserved by PAPR
484 * for "platform-specific" hcalls.
485 */
486 #define KVMPPC_HCALL_BASE 0xf000
487 #define KVMPPC_H_RTAS (KVMPPC_HCALL_BASE + 0x0)
488 #define KVMPPC_H_LOGICAL_MEMOP (KVMPPC_HCALL_BASE + 0x1)
489 /* Client Architecture support */
490 #define KVMPPC_H_CAS (KVMPPC_HCALL_BASE + 0x2)
491 #define KVMPPC_H_UPDATE_DT (KVMPPC_HCALL_BASE + 0x3)
492 #define KVMPPC_HCALL_MAX KVMPPC_H_UPDATE_DT
493
494 typedef struct sPAPRDeviceTreeUpdateHeader {
495 uint32_t version_id;
496 } sPAPRDeviceTreeUpdateHeader;
497
498 #define hcall_dprintf(fmt, ...) \
499 do { \
500 qemu_log_mask(LOG_GUEST_ERROR, "%s: " fmt, __func__, ## __VA_ARGS__); \
501 } while (0)
502
503 typedef target_ulong (*spapr_hcall_fn)(PowerPCCPU *cpu, sPAPRMachineState *sm,
504 target_ulong opcode,
505 target_ulong *args);
506
507 void spapr_register_hypercall(target_ulong opcode, spapr_hcall_fn fn);
508 target_ulong spapr_hypercall(PowerPCCPU *cpu, target_ulong opcode,
509 target_ulong *args);
510
511 /* ibm,set-eeh-option */
512 #define RTAS_EEH_DISABLE 0
513 #define RTAS_EEH_ENABLE 1
514 #define RTAS_EEH_THAW_IO 2
515 #define RTAS_EEH_THAW_DMA 3
516
517 /* ibm,get-config-addr-info2 */
518 #define RTAS_GET_PE_ADDR 0
519 #define RTAS_GET_PE_MODE 1
520 #define RTAS_PE_MODE_NONE 0
521 #define RTAS_PE_MODE_NOT_SHARED 1
522 #define RTAS_PE_MODE_SHARED 2
523
524 /* ibm,read-slot-reset-state2 */
525 #define RTAS_EEH_PE_STATE_NORMAL 0
526 #define RTAS_EEH_PE_STATE_RESET 1
527 #define RTAS_EEH_PE_STATE_STOPPED_IO_DMA 2
528 #define RTAS_EEH_PE_STATE_STOPPED_DMA 4
529 #define RTAS_EEH_PE_STATE_UNAVAIL 5
530 #define RTAS_EEH_NOT_SUPPORT 0
531 #define RTAS_EEH_SUPPORT 1
532 #define RTAS_EEH_PE_UNAVAIL_INFO 1000
533 #define RTAS_EEH_PE_RECOVER_INFO 0
534
535 /* ibm,set-slot-reset */
536 #define RTAS_SLOT_RESET_DEACTIVATE 0
537 #define RTAS_SLOT_RESET_HOT 1
538 #define RTAS_SLOT_RESET_FUNDAMENTAL 3
539
540 /* ibm,slot-error-detail */
541 #define RTAS_SLOT_TEMP_ERR_LOG 1
542 #define RTAS_SLOT_PERM_ERR_LOG 2
543
544 /* RTAS return codes */
545 #define RTAS_OUT_SUCCESS 0
546 #define RTAS_OUT_NO_ERRORS_FOUND 1
547 #define RTAS_OUT_HW_ERROR -1
548 #define RTAS_OUT_BUSY -2
549 #define RTAS_OUT_PARAM_ERROR -3
550 #define RTAS_OUT_NOT_SUPPORTED -3
551 #define RTAS_OUT_NO_SUCH_INDICATOR -3
552 #define RTAS_OUT_NOT_AUTHORIZED -9002
553 #define RTAS_OUT_SYSPARM_PARAM_ERROR -9999
554
555 /* DDW pagesize mask values from ibm,query-pe-dma-window */
556 #define RTAS_DDW_PGSIZE_4K 0x01
557 #define RTAS_DDW_PGSIZE_64K 0x02
558 #define RTAS_DDW_PGSIZE_16M 0x04
559 #define RTAS_DDW_PGSIZE_32M 0x08
560 #define RTAS_DDW_PGSIZE_64M 0x10
561 #define RTAS_DDW_PGSIZE_128M 0x20
562 #define RTAS_DDW_PGSIZE_256M 0x40
563 #define RTAS_DDW_PGSIZE_16G 0x80
564
565 /* RTAS tokens */
566 #define RTAS_TOKEN_BASE 0x2000
567
568 #define RTAS_DISPLAY_CHARACTER (RTAS_TOKEN_BASE + 0x00)
569 #define RTAS_GET_TIME_OF_DAY (RTAS_TOKEN_BASE + 0x01)
570 #define RTAS_SET_TIME_OF_DAY (RTAS_TOKEN_BASE + 0x02)
571 #define RTAS_POWER_OFF (RTAS_TOKEN_BASE + 0x03)
572 #define RTAS_SYSTEM_REBOOT (RTAS_TOKEN_BASE + 0x04)
573 #define RTAS_QUERY_CPU_STOPPED_STATE (RTAS_TOKEN_BASE + 0x05)
574 #define RTAS_START_CPU (RTAS_TOKEN_BASE + 0x06)
575 #define RTAS_STOP_SELF (RTAS_TOKEN_BASE + 0x07)
576 #define RTAS_IBM_GET_SYSTEM_PARAMETER (RTAS_TOKEN_BASE + 0x08)
577 #define RTAS_IBM_SET_SYSTEM_PARAMETER (RTAS_TOKEN_BASE + 0x09)
578 #define RTAS_IBM_SET_XIVE (RTAS_TOKEN_BASE + 0x0A)
579 #define RTAS_IBM_GET_XIVE (RTAS_TOKEN_BASE + 0x0B)
580 #define RTAS_IBM_INT_OFF (RTAS_TOKEN_BASE + 0x0C)
581 #define RTAS_IBM_INT_ON (RTAS_TOKEN_BASE + 0x0D)
582 #define RTAS_CHECK_EXCEPTION (RTAS_TOKEN_BASE + 0x0E)
583 #define RTAS_EVENT_SCAN (RTAS_TOKEN_BASE + 0x0F)
584 #define RTAS_IBM_SET_TCE_BYPASS (RTAS_TOKEN_BASE + 0x10)
585 #define RTAS_QUIESCE (RTAS_TOKEN_BASE + 0x11)
586 #define RTAS_NVRAM_FETCH (RTAS_TOKEN_BASE + 0x12)
587 #define RTAS_NVRAM_STORE (RTAS_TOKEN_BASE + 0x13)
588 #define RTAS_READ_PCI_CONFIG (RTAS_TOKEN_BASE + 0x14)
589 #define RTAS_WRITE_PCI_CONFIG (RTAS_TOKEN_BASE + 0x15)
590 #define RTAS_IBM_READ_PCI_CONFIG (RTAS_TOKEN_BASE + 0x16)
591 #define RTAS_IBM_WRITE_PCI_CONFIG (RTAS_TOKEN_BASE + 0x17)
592 #define RTAS_IBM_QUERY_INTERRUPT_SOURCE_NUMBER (RTAS_TOKEN_BASE + 0x18)
593 #define RTAS_IBM_CHANGE_MSI (RTAS_TOKEN_BASE + 0x19)
594 #define RTAS_SET_INDICATOR (RTAS_TOKEN_BASE + 0x1A)
595 #define RTAS_SET_POWER_LEVEL (RTAS_TOKEN_BASE + 0x1B)
596 #define RTAS_GET_POWER_LEVEL (RTAS_TOKEN_BASE + 0x1C)
597 #define RTAS_GET_SENSOR_STATE (RTAS_TOKEN_BASE + 0x1D)
598 #define RTAS_IBM_CONFIGURE_CONNECTOR (RTAS_TOKEN_BASE + 0x1E)
599 #define RTAS_IBM_OS_TERM (RTAS_TOKEN_BASE + 0x1F)
600 #define RTAS_IBM_SET_EEH_OPTION (RTAS_TOKEN_BASE + 0x20)
601 #define RTAS_IBM_GET_CONFIG_ADDR_INFO2 (RTAS_TOKEN_BASE + 0x21)
602 #define RTAS_IBM_READ_SLOT_RESET_STATE2 (RTAS_TOKEN_BASE + 0x22)
603 #define RTAS_IBM_SET_SLOT_RESET (RTAS_TOKEN_BASE + 0x23)
604 #define RTAS_IBM_CONFIGURE_PE (RTAS_TOKEN_BASE + 0x24)
605 #define RTAS_IBM_SLOT_ERROR_DETAIL (RTAS_TOKEN_BASE + 0x25)
606 #define RTAS_IBM_QUERY_PE_DMA_WINDOW (RTAS_TOKEN_BASE + 0x26)
607 #define RTAS_IBM_CREATE_PE_DMA_WINDOW (RTAS_TOKEN_BASE + 0x27)
608 #define RTAS_IBM_REMOVE_PE_DMA_WINDOW (RTAS_TOKEN_BASE + 0x28)
609 #define RTAS_IBM_RESET_PE_DMA_WINDOW (RTAS_TOKEN_BASE + 0x29)
610
611 #define RTAS_TOKEN_MAX (RTAS_TOKEN_BASE + 0x2A)
612
613 /* RTAS ibm,get-system-parameter token values */
614 #define RTAS_SYSPARM_SPLPAR_CHARACTERISTICS 20
615 #define RTAS_SYSPARM_DIAGNOSTICS_RUN_MODE 42
616 #define RTAS_SYSPARM_UUID 48
617
618 /* RTAS indicator/sensor types
619 *
620 * as defined by PAPR+ 2.7 7.3.5.4, Table 41
621 *
622 * NOTE: currently only DR-related sensors are implemented here
623 */
624 #define RTAS_SENSOR_TYPE_ISOLATION_STATE 9001
625 #define RTAS_SENSOR_TYPE_DR 9002
626 #define RTAS_SENSOR_TYPE_ALLOCATION_STATE 9003
627 #define RTAS_SENSOR_TYPE_ENTITY_SENSE RTAS_SENSOR_TYPE_ALLOCATION_STATE
628
629 /* Possible values for the platform-processor-diagnostics-run-mode parameter
630 * of the RTAS ibm,get-system-parameter call.
631 */
632 #define DIAGNOSTICS_RUN_MODE_DISABLED 0
633 #define DIAGNOSTICS_RUN_MODE_STAGGERED 1
634 #define DIAGNOSTICS_RUN_MODE_IMMEDIATE 2
635 #define DIAGNOSTICS_RUN_MODE_PERIODIC 3
636
637 static inline uint64_t ppc64_phys_to_real(uint64_t addr)
638 {
639 return addr & ~0xF000000000000000ULL;
640 }
641
642 static inline uint32_t rtas_ld(target_ulong phys, int n)
643 {
644 return ldl_be_phys(&address_space_memory, ppc64_phys_to_real(phys + 4*n));
645 }
646
647 static inline uint64_t rtas_ldq(target_ulong phys, int n)
648 {
649 return (uint64_t)rtas_ld(phys, n) << 32 | rtas_ld(phys, n + 1);
650 }
651
652 static inline void rtas_st(target_ulong phys, int n, uint32_t val)
653 {
654 stl_be_phys(&address_space_memory, ppc64_phys_to_real(phys + 4*n), val);
655 }
656
657 typedef void (*spapr_rtas_fn)(PowerPCCPU *cpu, sPAPRMachineState *sm,
658 uint32_t token,
659 uint32_t nargs, target_ulong args,
660 uint32_t nret, target_ulong rets);
661 void spapr_rtas_register(int token, const char *name, spapr_rtas_fn fn);
662 target_ulong spapr_rtas_call(PowerPCCPU *cpu, sPAPRMachineState *sm,
663 uint32_t token, uint32_t nargs, target_ulong args,
664 uint32_t nret, target_ulong rets);
665 void spapr_dt_rtas_tokens(void *fdt, int rtas);
666 void spapr_load_rtas(sPAPRMachineState *spapr, void *fdt, hwaddr addr);
667
668 #define SPAPR_TCE_PAGE_SHIFT 12
669 #define SPAPR_TCE_PAGE_SIZE (1ULL << SPAPR_TCE_PAGE_SHIFT)
670 #define SPAPR_TCE_PAGE_MASK (SPAPR_TCE_PAGE_SIZE - 1)
671
672 #define SPAPR_VIO_BASE_LIOBN 0x00000000
673 #define SPAPR_VIO_LIOBN(reg) (0x00000000 | (reg))
674 #define SPAPR_PCI_LIOBN(phb_index, window_num) \
675 (0x80000000 | ((phb_index) << 8) | (window_num))
676 #define SPAPR_IS_PCI_LIOBN(liobn) (!!((liobn) & 0x80000000))
677 #define SPAPR_PCI_DMA_WINDOW_NUM(liobn) ((liobn) & 0xff)
678
679 #define RTAS_ERROR_LOG_MAX 2048
680
681 #define RTAS_EVENT_SCAN_RATE 1
682
683 /* This helper should be used to encode interrupt specifiers when the related
684 * "interrupt-controller" node has its "#interrupt-cells" property set to 2 (ie,
685 * VIO devices, RTAS event sources and PHBs).
686 */
687 static inline void spapr_dt_irq(uint32_t *intspec, int irq, bool is_lsi)
688 {
689 intspec[0] = cpu_to_be32(irq);
690 intspec[1] = is_lsi ? cpu_to_be32(1) : 0;
691 }
692
693 typedef struct sPAPRTCETable sPAPRTCETable;
694
695 #define TYPE_SPAPR_TCE_TABLE "spapr-tce-table"
696 #define SPAPR_TCE_TABLE(obj) \
697 OBJECT_CHECK(sPAPRTCETable, (obj), TYPE_SPAPR_TCE_TABLE)
698
699 #define TYPE_SPAPR_IOMMU_MEMORY_REGION "spapr-iommu-memory-region"
700 #define SPAPR_IOMMU_MEMORY_REGION(obj) \
701 OBJECT_CHECK(IOMMUMemoryRegion, (obj), TYPE_SPAPR_IOMMU_MEMORY_REGION)
702
703 struct sPAPRTCETable {
704 DeviceState parent;
705 uint32_t liobn;
706 uint32_t nb_table;
707 uint64_t bus_offset;
708 uint32_t page_shift;
709 uint64_t *table;
710 uint32_t mig_nb_table;
711 uint64_t *mig_table;
712 bool bypass;
713 bool need_vfio;
714 int fd;
715 MemoryRegion root;
716 IOMMUMemoryRegion iommu;
717 struct VIOsPAPRDevice *vdev; /* for @bypass migration compatibility only */
718 QLIST_ENTRY(sPAPRTCETable) list;
719 };
720
721 sPAPRTCETable *spapr_tce_find_by_liobn(target_ulong liobn);
722
723 struct sPAPREventLogEntry {
724 uint32_t summary;
725 uint32_t extended_length;
726 void *extended_log;
727 QTAILQ_ENTRY(sPAPREventLogEntry) next;
728 };
729
730 void spapr_events_init(sPAPRMachineState *sm);
731 void spapr_dt_events(sPAPRMachineState *sm, void *fdt);
732 int spapr_h_cas_compose_response(sPAPRMachineState *sm,
733 target_ulong addr, target_ulong size,
734 sPAPROptionVector *ov5_updates);
735 void close_htab_fd(sPAPRMachineState *spapr);
736 void spapr_setup_hpt_and_vrma(sPAPRMachineState *spapr);
737 void spapr_free_hpt(sPAPRMachineState *spapr);
738 sPAPRTCETable *spapr_tce_new_table(DeviceState *owner, uint32_t liobn);
739 void spapr_tce_table_enable(sPAPRTCETable *tcet,
740 uint32_t page_shift, uint64_t bus_offset,
741 uint32_t nb_table);
742 void spapr_tce_table_disable(sPAPRTCETable *tcet);
743 void spapr_tce_set_need_vfio(sPAPRTCETable *tcet, bool need_vfio);
744
745 MemoryRegion *spapr_tce_get_iommu(sPAPRTCETable *tcet);
746 int spapr_dma_dt(void *fdt, int node_off, const char *propname,
747 uint32_t liobn, uint64_t window, uint32_t size);
748 int spapr_tcet_dma_dt(void *fdt, int node_off, const char *propname,
749 sPAPRTCETable *tcet);
750 void spapr_pci_switch_vga(bool big_endian);
751 void spapr_hotplug_req_add_by_index(sPAPRDRConnector *drc);
752 void spapr_hotplug_req_remove_by_index(sPAPRDRConnector *drc);
753 void spapr_hotplug_req_add_by_count(sPAPRDRConnectorType drc_type,
754 uint32_t count);
755 void spapr_hotplug_req_remove_by_count(sPAPRDRConnectorType drc_type,
756 uint32_t count);
757 void spapr_hotplug_req_add_by_count_indexed(sPAPRDRConnectorType drc_type,
758 uint32_t count, uint32_t index);
759 void spapr_hotplug_req_remove_by_count_indexed(sPAPRDRConnectorType drc_type,
760 uint32_t count, uint32_t index);
761 int spapr_hpt_shift_for_ramsize(uint64_t ramsize);
762 void spapr_reallocate_hpt(sPAPRMachineState *spapr, int shift,
763 Error **errp);
764 void spapr_clear_pending_events(sPAPRMachineState *spapr);
765 int spapr_max_server_number(sPAPRMachineState *spapr);
766
767 /* CPU and LMB DRC release callbacks. */
768 void spapr_core_release(DeviceState *dev);
769 void spapr_lmb_release(DeviceState *dev);
770
771 void spapr_rtc_read(sPAPRRTCState *rtc, struct tm *tm, uint32_t *ns);
772 int spapr_rtc_import_offset(sPAPRRTCState *rtc, int64_t legacy_offset);
773
774 #define TYPE_SPAPR_RNG "spapr-rng"
775
776 #define SPAPR_MEMORY_BLOCK_SIZE (1 << 28) /* 256MB */
777
778 /*
779 * This defines the maximum number of DIMM slots we can have for sPAPR
780 * guest. This is not defined by sPAPR but we are defining it to 32 slots
781 * based on default number of slots provided by PowerPC kernel.
782 */
783 #define SPAPR_MAX_RAM_SLOTS 32
784
785 /* 1GB alignment for hotplug memory region */
786 #define SPAPR_DEVICE_MEM_ALIGN (1 * GiB)
787
788 /*
789 * Number of 32 bit words in each LMB list entry in ibm,dynamic-memory
790 * property under ibm,dynamic-reconfiguration-memory node.
791 */
792 #define SPAPR_DR_LMB_LIST_ENTRY_SIZE 6
793
794 /*
795 * Defines for flag value in ibm,dynamic-memory property under
796 * ibm,dynamic-reconfiguration-memory node.
797 */
798 #define SPAPR_LMB_FLAGS_ASSIGNED 0x00000008
799 #define SPAPR_LMB_FLAGS_DRC_INVALID 0x00000020
800 #define SPAPR_LMB_FLAGS_RESERVED 0x00000080
801
802 void spapr_do_system_reset_on_cpu(CPUState *cs, run_on_cpu_data arg);
803
804 #define HTAB_SIZE(spapr) (1ULL << ((spapr)->htab_shift))
805
806 int spapr_get_vcpu_id(PowerPCCPU *cpu);
807 void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, Error **errp);
808 PowerPCCPU *spapr_find_cpu(int vcpu_id);
809
810 int spapr_caps_pre_load(void *opaque);
811 int spapr_caps_pre_save(void *opaque);
812
813 /*
814 * Handling of optional capabilities
815 */
816 extern const VMStateDescription vmstate_spapr_cap_htm;
817 extern const VMStateDescription vmstate_spapr_cap_vsx;
818 extern const VMStateDescription vmstate_spapr_cap_dfp;
819 extern const VMStateDescription vmstate_spapr_cap_cfpc;
820 extern const VMStateDescription vmstate_spapr_cap_sbbc;
821 extern const VMStateDescription vmstate_spapr_cap_ibs;
822 extern const VMStateDescription vmstate_spapr_cap_nested_kvm_hv;
823
824 static inline uint8_t spapr_get_cap(sPAPRMachineState *spapr, int cap)
825 {
826 return spapr->eff.caps[cap];
827 }
828
829 void spapr_caps_init(sPAPRMachineState *spapr);
830 void spapr_caps_apply(sPAPRMachineState *spapr);
831 void spapr_caps_cpu_apply(sPAPRMachineState *spapr, PowerPCCPU *cpu);
832 void spapr_caps_add_properties(sPAPRMachineClass *smc, Error **errp);
833 int spapr_caps_post_migration(sPAPRMachineState *spapr);
834
835 void spapr_check_pagesize(sPAPRMachineState *spapr, hwaddr pagesize,
836 Error **errp);
837 /*
838 * XIVE definitions
839 */
840 #define SPAPR_OV5_XIVE_LEGACY 0x0
841 #define SPAPR_OV5_XIVE_EXPLOIT 0x40
842 #define SPAPR_OV5_XIVE_BOTH 0x80 /* Only to advertise on the platform */
843
844 #endif /* HW_SPAPR_H */