diff options
Diffstat (limited to 'hw')
70 files changed, 5552 insertions, 1171 deletions
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index 5a6e2c9d3d..134806db52 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -25,7 +25,6 @@ #include "coth.h" #include "trace.h" #include "migration/blocker.h" -#include "sysemu/qtest.h" #include "qemu/xxhash.h" #include <math.h> #include <linux/limits.h> diff --git a/hw/adc/npcm7xx_adc.c b/hw/adc/npcm7xx_adc.c index 870a6d50c2..0f0a9f63e2 100644 --- a/hw/adc/npcm7xx_adc.c +++ b/hw/adc/npcm7xx_adc.c @@ -238,7 +238,7 @@ static void npcm7xx_adc_init(Object *obj) memory_region_init_io(&s->iomem, obj, &npcm7xx_adc_ops, s, TYPE_NPCM7XX_ADC, 4 * KiB); sysbus_init_mmio(sbd, &s->iomem); - s->clock = qdev_init_clock_in(DEVICE(s), "clock", NULL, NULL); + s->clock = qdev_init_clock_in(DEVICE(s), "clock", NULL, NULL, 0); for (i = 0; i < NPCM7XX_ADC_NUM_INPUTS; ++i) { object_property_add_uint32_ptr(obj, "adci[*]", diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig index 4e6f4ffe90..8c37cf00da 100644 --- a/hw/arm/Kconfig +++ b/hw/arm/Kconfig @@ -353,6 +353,7 @@ config XLNX_ZYNQMP_ARM select SSI_M25P80 select XILINX_AXI select XILINX_SPIPS + select XLNX_CSU_DMA select XLNX_ZYNQMP select XLNX_ZDMA @@ -505,6 +506,7 @@ config ARM11MPCORE config ARMSSE bool select ARM_V7M + select ARMSSE_CPU_PWRCTRL select ARMSSE_CPUID select ARMSSE_MHU select CMSDK_APB_TIMER @@ -520,9 +522,5 @@ config ARMSSE select TZ_MSC select TZ_PPC select UNIMP - -config ARMSSE_CPUID - bool - -config ARMSSE_MHU - bool + select SSE_COUNTER + select SSE_TIMER diff --git a/hw/arm/armsse.c b/hw/arm/armsse.c index 26e1a8c95b..e5aeb9e485 100644 --- a/hw/arm/armsse.c +++ b/hw/arm/armsse.c @@ -19,29 +19,58 @@ #include "migration/vmstate.h" #include "hw/registerfields.h" #include "hw/arm/armsse.h" +#include "hw/arm/armsse-version.h" #include "hw/arm/boot.h" #include "hw/irq.h" #include "hw/qdev-clock.h" -/* Format of the System Information block SYS_CONFIG register */ -typedef enum SysConfigFormat { - IoTKitFormat, - SSE200Format, -} SysConfigFormat; +/* + * The SSE-300 puts some devices in different places to the + * SSE-200 (and original IoTKit). We use an array of these structs + * to define how each variant lays out these devices. (Parts of the + * SoC that are the same for all variants aren't handled via these + * data structures.) + */ + +#define NO_IRQ -1 +#define NO_PPC -1 +/* + * Special values for ARMSSEDeviceInfo::irq to indicate that this + * device uses one of the inputs to the OR gate that feeds into the + * CPU NMI input. + */ +#define NMI_0 10000 +#define NMI_1 10001 + +typedef struct ARMSSEDeviceInfo { + const char *name; /* name to use for the QOM object; NULL terminates list */ + const char *type; /* QOM type name */ + unsigned int index; /* Which of the N devices of this type is this ? */ + hwaddr addr; + hwaddr size; /* only needed for TYPE_UNIMPLEMENTED_DEVICE */ + int ppc; /* Index of APB PPC this device is wired up to, or NO_PPC */ + int ppc_port; /* Port number of this device on the PPC */ + int irq; /* NO_IRQ, or 0..NUM_SSE_IRQS-1, or NMI_0 or NMI_1 */ + bool slowclk; /* true if device uses the slow 32KHz clock */ +} ARMSSEDeviceInfo; struct ARMSSEInfo { const char *name; + uint32_t sse_version; int sram_banks; int num_cpus; uint32_t sys_version; + uint32_t iidr; uint32_t cpuwait_rst; - SysConfigFormat sys_config_format; bool has_mhus; - bool has_ppus; bool has_cachectrl; bool has_cpusecctrl; bool has_cpuid; + bool has_cpu_pwrctrl; + bool has_sse_counter; Property *props; + const ARMSSEDeviceInfo *devinfo; + const bool *irq_is_common; }; static Property iotkit_properties[] = { @@ -68,34 +97,449 @@ static Property armsse_properties[] = { DEFINE_PROP_END_OF_LIST() }; +static const ARMSSEDeviceInfo iotkit_devices[] = { + { + .name = "timer0", + .type = TYPE_CMSDK_APB_TIMER, + .index = 0, + .addr = 0x40000000, + .ppc = 0, + .ppc_port = 0, + .irq = 3, + }, + { + .name = "timer1", + .type = TYPE_CMSDK_APB_TIMER, + .index = 1, + .addr = 0x40001000, + .ppc = 0, + .ppc_port = 1, + .irq = 4, + }, + { + .name = "s32ktimer", + .type = TYPE_CMSDK_APB_TIMER, + .index = 2, + .addr = 0x4002f000, + .ppc = 1, + .ppc_port = 0, + .irq = 2, + .slowclk = true, + }, + { + .name = "dualtimer", + .type = TYPE_CMSDK_APB_DUALTIMER, + .index = 0, + .addr = 0x40002000, + .ppc = 0, + .ppc_port = 2, + .irq = 5, + }, + { + .name = "s32kwatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 0, + .addr = 0x5002e000, + .ppc = NO_PPC, + .irq = NMI_0, + .slowclk = true, + }, + { + .name = "nswatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 1, + .addr = 0x40081000, + .ppc = NO_PPC, + .irq = 1, + }, + { + .name = "swatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 2, + .addr = 0x50081000, + .ppc = NO_PPC, + .irq = NMI_1, + }, + { + .name = "armsse-sysinfo", + .type = TYPE_IOTKIT_SYSINFO, + .index = 0, + .addr = 0x40020000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "armsse-sysctl", + .type = TYPE_IOTKIT_SYSCTL, + .index = 0, + .addr = 0x50021000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = NULL, + } +}; + +static const ARMSSEDeviceInfo sse200_devices[] = { + { + .name = "timer0", + .type = TYPE_CMSDK_APB_TIMER, + .index = 0, + .addr = 0x40000000, + .ppc = 0, + .ppc_port = 0, + .irq = 3, + }, + { + .name = "timer1", + .type = TYPE_CMSDK_APB_TIMER, + .index = 1, + .addr = 0x40001000, + .ppc = 0, + .ppc_port = 1, + .irq = 4, + }, + { + .name = "s32ktimer", + .type = TYPE_CMSDK_APB_TIMER, + .index = 2, + .addr = 0x4002f000, + .ppc = 1, + .ppc_port = 0, + .irq = 2, + .slowclk = true, + }, + { + .name = "dualtimer", + .type = TYPE_CMSDK_APB_DUALTIMER, + .index = 0, + .addr = 0x40002000, + .ppc = 0, + .ppc_port = 2, + .irq = 5, + }, + { + .name = "s32kwatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 0, + .addr = 0x5002e000, + .ppc = NO_PPC, + .irq = NMI_0, + .slowclk = true, + }, + { + .name = "nswatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 1, + .addr = 0x40081000, + .ppc = NO_PPC, + .irq = 1, + }, + { + .name = "swatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 2, + .addr = 0x50081000, + .ppc = NO_PPC, + .irq = NMI_1, + }, + { + .name = "armsse-sysinfo", + .type = TYPE_IOTKIT_SYSINFO, + .index = 0, + .addr = 0x40020000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "armsse-sysctl", + .type = TYPE_IOTKIT_SYSCTL, + .index = 0, + .addr = 0x50021000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "CPU0CORE_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 0, + .addr = 0x50023000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "CPU1CORE_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 1, + .addr = 0x50025000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "DBG_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 2, + .addr = 0x50029000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "RAM0_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 3, + .addr = 0x5002a000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "RAM1_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 4, + .addr = 0x5002b000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "RAM2_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 5, + .addr = 0x5002c000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "RAM3_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 6, + .addr = 0x5002d000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "SYS_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 7, + .addr = 0x50022000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = NULL, + } +}; + +static const ARMSSEDeviceInfo sse300_devices[] = { + { + .name = "timer0", + .type = TYPE_SSE_TIMER, + .index = 0, + .addr = 0x48000000, + .ppc = 0, + .ppc_port = 0, + .irq = 3, + }, + { + .name = "timer1", + .type = TYPE_SSE_TIMER, + .index = 1, + .addr = 0x48001000, + .ppc = 0, + .ppc_port = 1, + .irq = 4, + }, + { + .name = "timer2", + .type = TYPE_SSE_TIMER, + .index = 2, + .addr = 0x48002000, + .ppc = 0, + .ppc_port = 2, + .irq = 5, + }, + { + .name = "timer3", + .type = TYPE_SSE_TIMER, + .index = 3, + .addr = 0x48003000, + .ppc = 0, + .ppc_port = 5, + .irq = 27, + }, + { + .name = "s32ktimer", + .type = TYPE_CMSDK_APB_TIMER, + .index = 0, + .addr = 0x4802f000, + .ppc = 1, + .ppc_port = 0, + .irq = 2, + .slowclk = true, + }, + { + .name = "s32kwatchdog", + .type = TYPE_CMSDK_APB_WATCHDOG, + .index = 0, + .addr = 0x4802e000, + .ppc = NO_PPC, + .irq = NMI_0, + .slowclk = true, + }, + { + .name = "watchdog", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 0, + .addr = 0x48040000, + .size = 0x2000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "armsse-sysinfo", + .type = TYPE_IOTKIT_SYSINFO, + .index = 0, + .addr = 0x48020000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "armsse-sysctl", + .type = TYPE_IOTKIT_SYSCTL, + .index = 0, + .addr = 0x58021000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "SYS_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 1, + .addr = 0x58022000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "CPU0CORE_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 2, + .addr = 0x50023000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "MGMT_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 3, + .addr = 0x50028000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = "DEBUG_PPU", + .type = TYPE_UNIMPLEMENTED_DEVICE, + .index = 4, + .addr = 0x50029000, + .size = 0x1000, + .ppc = NO_PPC, + .irq = NO_IRQ, + }, + { + .name = NULL, + } +}; + +/* Is internal IRQ n shared between CPUs in a multi-core SSE ? */ +static const bool sse200_irq_is_common[32] = { + [0 ... 5] = true, + /* 6, 7: per-CPU MHU interrupts */ + [8 ... 12] = true, + /* 13: per-CPU icache interrupt */ + /* 14: reserved */ + [15 ... 20] = true, + /* 21: reserved */ + [22 ... 26] = true, + /* 27: reserved */ + /* 28, 29: per-CPU CTI interrupts */ + /* 30, 31: reserved */ +}; + +static const bool sse300_irq_is_common[32] = { + [0 ... 5] = true, + /* 6, 7: per-CPU MHU interrupts */ + [8 ... 12] = true, + /* 13: reserved */ + [14 ... 16] = true, + /* 17-25: reserved */ + [26 ... 27] = true, + /* 28, 29: per-CPU CTI interrupts */ + /* 30, 31: reserved */ +}; + static const ARMSSEInfo armsse_variants[] = { { .name = TYPE_IOTKIT, + .sse_version = ARMSSE_IOTKIT, .sram_banks = 1, .num_cpus = 1, .sys_version = 0x41743, + .iidr = 0, .cpuwait_rst = 0, - .sys_config_format = IoTKitFormat, .has_mhus = false, - .has_ppus = false, .has_cachectrl = false, .has_cpusecctrl = false, .has_cpuid = false, + .has_cpu_pwrctrl = false, + .has_sse_counter = false, .props = iotkit_properties, + .devinfo = iotkit_devices, + .irq_is_common = sse200_irq_is_common, }, { .name = TYPE_SSE200, + .sse_version = ARMSSE_SSE200, .sram_banks = 4, .num_cpus = 2, .sys_version = 0x22041743, + .iidr = 0, .cpuwait_rst = 2, - .sys_config_format = SSE200Format, .has_mhus = true, - .has_ppus = true, .has_cachectrl = true, .has_cpusecctrl = true, .has_cpuid = true, + .has_cpu_pwrctrl = false, + .has_sse_counter = false, + .props = armsse_properties, + .devinfo = sse200_devices, + .irq_is_common = sse200_irq_is_common, + }, + { + .name = TYPE_SSE300, + .sse_version = ARMSSE_SSE300, + .sram_banks = 2, + .num_cpus = 1, + .sys_version = 0x7e00043b, + .iidr = 0x74a0043b, + .cpuwait_rst = 0, + .has_mhus = false, + .has_cachectrl = false, + .has_cpusecctrl = true, + .has_cpuid = true, + .has_cpu_pwrctrl = true, + .has_sse_counter = true, .props = armsse_properties, + .devinfo = sse300_devices, + .irq_is_common = sse300_irq_is_common, }, }; @@ -104,13 +548,13 @@ static uint32_t armsse_sys_config_value(ARMSSE *s, const ARMSSEInfo *info) /* Return the SYS_CONFIG value for this SSE */ uint32_t sys_config; - switch (info->sys_config_format) { - case IoTKitFormat: + switch (info->sse_version) { + case ARMSSE_IOTKIT: sys_config = 0; sys_config = deposit32(sys_config, 0, 4, info->sram_banks); sys_config = deposit32(sys_config, 4, 4, s->sram_addr_width - 12); break; - case SSE200Format: + case ARMSSE_SSE200: sys_config = 0; sys_config = deposit32(sys_config, 0, 4, info->sram_banks); sys_config = deposit32(sys_config, 4, 5, s->sram_addr_width); @@ -121,6 +565,12 @@ static uint32_t armsse_sys_config_value(ARMSSE *s, const ARMSSEInfo *info) sys_config = deposit32(sys_config, 28, 4, 2); } break; + case ARMSSE_SSE300: + sys_config = 0; + sys_config = deposit32(sys_config, 0, 4, info->sram_banks); + sys_config = deposit32(sys_config, 4, 5, s->sram_addr_width); + sys_config = deposit32(sys_config, 16, 3, 3); /* CPU0 = Cortex-M55 */ + break; default: g_assert_not_reached(); } @@ -130,21 +580,6 @@ static uint32_t armsse_sys_config_value(ARMSSE *s, const ARMSSEInfo *info) /* Clock frequency in HZ of the 32KHz "slow clock" */ #define S32KCLK (32 * 1000) -/* Is internal IRQ n shared between CPUs in a multi-core SSE ? */ -static bool irq_is_common[32] = { - [0 ... 5] = true, - /* 6, 7: per-CPU MHU interrupts */ - [8 ... 12] = true, - /* 13: per-CPU icache interrupt */ - /* 14: reserved */ - [15 ... 20] = true, - /* 21: reserved */ - [22 ... 26] = true, - /* 27: reserved */ - /* 28, 29: per-CPU CTI interrupts */ - /* 30, 31: reserved */ -}; - /* * Create an alias region in @container of @size bytes starting at @base * which mirrors the memory starting at @orig. @@ -230,9 +665,10 @@ static void armsse_forward_sec_resp_cfg(ARMSSE *s) qdev_connect_gpio_out(dev_splitter, 2, s->sec_resp_cfg_in); } -static void armsse_mainclk_update(void *opaque) +static void armsse_mainclk_update(void *opaque, ClockEvent event) { ARMSSE *s = ARM_SSE(opaque); + /* * Set system_clock_scale from our Clock input; this is what * controls the tick rate of the CPU SysTick timer. @@ -245,14 +681,15 @@ static void armsse_init(Object *obj) ARMSSE *s = ARM_SSE(obj); ARMSSEClass *asc = ARM_SSE_GET_CLASS(obj); const ARMSSEInfo *info = asc->info; + const ARMSSEDeviceInfo *devinfo; int i; assert(info->sram_banks <= MAX_SRAM_BANKS); assert(info->num_cpus <= SSE_MAX_CPUS); s->mainclk = qdev_init_clock_in(DEVICE(s), "MAINCLK", - armsse_mainclk_update, s); - s->s32kclk = qdev_init_clock_in(DEVICE(s), "S32KCLK", NULL, NULL); + armsse_mainclk_update, s, ClockUpdate); + s->s32kclk = qdev_init_clock_in(DEVICE(s), "S32KCLK", NULL, NULL, 0); memory_region_init(&s->container, obj, "armsse-container", UINT64_MAX); @@ -285,9 +722,52 @@ static void armsse_init(Object *obj) } } + for (devinfo = info->devinfo; devinfo->name; devinfo++) { + assert(devinfo->ppc == NO_PPC || devinfo->ppc < ARRAY_SIZE(s->apb_ppc)); + if (!strcmp(devinfo->type, TYPE_CMSDK_APB_TIMER)) { + assert(devinfo->index < ARRAY_SIZE(s->timer)); + object_initialize_child(obj, devinfo->name, + &s->timer[devinfo->index], + TYPE_CMSDK_APB_TIMER); + } else if (!strcmp(devinfo->type, TYPE_CMSDK_APB_DUALTIMER)) { + assert(devinfo->index == 0); + object_initialize_child(obj, devinfo->name, &s->dualtimer, + TYPE_CMSDK_APB_DUALTIMER); + } else if (!strcmp(devinfo->type, TYPE_SSE_TIMER)) { + assert(devinfo->index < ARRAY_SIZE(s->sse_timer)); + object_initialize_child(obj, devinfo->name, + &s->sse_timer[devinfo->index], + TYPE_SSE_TIMER); + } else if (!strcmp(devinfo->type, TYPE_CMSDK_APB_WATCHDOG)) { + assert(devinfo->index < ARRAY_SIZE(s->cmsdk_watchdog)); + object_initialize_child(obj, devinfo->name, + &s->cmsdk_watchdog[devinfo->index], + TYPE_CMSDK_APB_WATCHDOG); + } else if (!strcmp(devinfo->type, TYPE_IOTKIT_SYSINFO)) { + assert(devinfo->index == 0); + object_initialize_child(obj, devinfo->name, &s->sysinfo, + TYPE_IOTKIT_SYSINFO); + } else if (!strcmp(devinfo->type, TYPE_IOTKIT_SYSCTL)) { + assert(devinfo->index == 0); + object_initialize_child(obj, devinfo->name, &s->sysctl, + TYPE_IOTKIT_SYSCTL); + } else if (!strcmp(devinfo->type, TYPE_UNIMPLEMENTED_DEVICE)) { + assert(devinfo->index < ARRAY_SIZE(s->unimp)); + object_initialize_child(obj, devinfo->name, + &s->unimp[devinfo->index], + TYPE_UNIMPLEMENTED_DEVICE); + } else { + g_assert_not_reached(); + } + } + object_initialize_child(obj, "secctl", &s->secctl, TYPE_IOTKIT_SECCTL); - object_initialize_child(obj, "apb-ppc0", &s->apb_ppc0, TYPE_TZ_PPC); - object_initialize_child(obj, "apb-ppc1", &s->apb_ppc1, TYPE_TZ_PPC); + + for (i = 0; i < ARRAY_SIZE(s->apb_ppc); i++) { + g_autofree char *name = g_strdup_printf("apb-ppc%d", i); + object_initialize_child(obj, name, &s->apb_ppc[i], TYPE_TZ_PPC); + } + for (i = 0; i < info->sram_banks; i++) { char *name = g_strdup_printf("mpc%d", i); object_initialize_child(obj, name, &s->mpc[i], TYPE_TZ_MPC); @@ -303,46 +783,11 @@ static void armsse_init(Object *obj) object_initialize_child(obj, name, splitter, TYPE_SPLIT_IRQ); g_free(name); } - object_initialize_child(obj, "timer0", &s->timer0, TYPE_CMSDK_APB_TIMER); - object_initialize_child(obj, "timer1", &s->timer1, TYPE_CMSDK_APB_TIMER); - object_initialize_child(obj, "s32ktimer", &s->s32ktimer, - TYPE_CMSDK_APB_TIMER); - object_initialize_child(obj, "dualtimer", &s->dualtimer, - TYPE_CMSDK_APB_DUALTIMER); - object_initialize_child(obj, "s32kwatchdog", &s->s32kwatchdog, - TYPE_CMSDK_APB_WATCHDOG); - object_initialize_child(obj, "nswatchdog", &s->nswatchdog, - TYPE_CMSDK_APB_WATCHDOG); - object_initialize_child(obj, "swatchdog", &s->swatchdog, - TYPE_CMSDK_APB_WATCHDOG); - object_initialize_child(obj, "armsse-sysctl", &s->sysctl, - TYPE_IOTKIT_SYSCTL); - object_initialize_child(obj, "armsse-sysinfo", &s->sysinfo, - TYPE_IOTKIT_SYSINFO); + if (info->has_mhus) { object_initialize_child(obj, "mhu0", &s->mhu[0], TYPE_ARMSSE_MHU); object_initialize_child(obj, "mhu1", &s->mhu[1], TYPE_ARMSSE_MHU); } - if (info->has_ppus) { - for (i = 0; i < info->num_cpus; i++) { - char *name = g_strdup_printf("CPU%dCORE_PPU", i); - int ppuidx = CPU0CORE_PPU + i; - - object_initialize_child(obj, name, &s->ppu[ppuidx], - TYPE_UNIMPLEMENTED_DEVICE); - g_free(name); - } - object_initialize_child(obj, "DBG_PPU", &s->ppu[DBG_PPU], - TYPE_UNIMPLEMENTED_DEVICE); - for (i = 0; i < info->sram_banks; i++) { - char *name = g_strdup_printf("RAM%d_PPU", i); - int ppuidx = RAM0_PPU + i; - - object_initialize_child(obj, name, &s->ppu[ppuidx], - TYPE_UNIMPLEMENTED_DEVICE); - g_free(name); - } - } if (info->has_cachectrl) { for (i = 0; i < info->num_cpus; i++) { char *name = g_strdup_printf("cachectrl%d", i); @@ -370,6 +815,20 @@ static void armsse_init(Object *obj) g_free(name); } } + if (info->has_cpu_pwrctrl) { + for (i = 0; i < info->num_cpus; i++) { + char *name = g_strdup_printf("cpu_pwrctrl%d", i); + + object_initialize_child(obj, name, &s->cpu_pwrctrl[i], + TYPE_ARMSSE_CPU_PWRCTRL); + g_free(name); + } + } + if (info->has_sse_counter) { + object_initialize_child(obj, "sse-counter", &s->sse_counter, + TYPE_SSE_COUNTER); + } + object_initialize_child(obj, "nmi-orgate", &s->nmi_orgate, TYPE_OR_IRQ); object_initialize_child(obj, "ppc-irq-orgate", &s->ppc_irq_orgate, TYPE_OR_IRQ); @@ -384,7 +843,7 @@ static void armsse_init(Object *obj) } if (info->num_cpus > 1) { for (i = 0; i < ARRAY_SIZE(s->cpu_irq_splitter); i++) { - if (irq_is_common[i]) { + if (info->irq_is_common[i]) { char *name = g_strdup_printf("cpu-irq-splitter%d", i); SplitIRQ *splitter = &s->cpu_irq_splitter[i]; @@ -417,7 +876,7 @@ static qemu_irq armsse_get_common_irq_in(ARMSSE *s, int irqno) ARMSSEClass *asc = ARM_SSE_GET_CLASS(s); const ARMSSEInfo *info = asc->info; - assert(irq_is_common[irqno]); + assert(info->irq_is_common[irqno]); if (info->num_cpus == 1) { /* Only one CPU -- just connect directly to it */ @@ -428,22 +887,12 @@ static qemu_irq armsse_get_common_irq_in(ARMSSE *s, int irqno) } } -static void map_ppu(ARMSSE *s, int ppuidx, const char *name, hwaddr addr) -{ - /* Map a PPU unimplemented device stub */ - DeviceState *dev = DEVICE(&s->ppu[ppuidx]); - - qdev_prop_set_string(dev, "name", name); - qdev_prop_set_uint64(dev, "size", 0x1000); - sysbus_realize(SYS_BUS_DEVICE(dev), &error_fatal); - sysbus_mmio_map(SYS_BUS_DEVICE(&s->ppu[ppuidx]), 0, addr); -} - static void armsse_realize(DeviceState *dev, Error **errp) { ARMSSE *s = ARM_SSE(dev); ARMSSEClass *asc = ARM_SSE_GET_CLASS(dev); const ARMSSEInfo *info = asc->info; + const ARMSSEDeviceInfo *devinfo; int i; MemoryRegion *mr; Error *err = NULL; @@ -522,7 +971,7 @@ static void armsse_realize(DeviceState *dev, Error **errp) int j; char *gpioname; - qdev_prop_set_uint32(cpudev, "num-irq", s->exp_numirq + 32); + qdev_prop_set_uint32(cpudev, "num-irq", s->exp_numirq + NUM_SSE_IRQS); /* * In real hardware the initial Secure VTOR is set from the INITSVTOR* * registers in the IoT Kit System Control Register block. In QEMU @@ -593,7 +1042,7 @@ static void armsse_realize(DeviceState *dev, Error **errp) /* Connect EXP_IRQ/EXP_CPUn_IRQ GPIOs to the NVIC's lines 32 and up */ s->exp_irqs[i] = g_new(qemu_irq, s->exp_numirq); for (j = 0; j < s->exp_numirq; j++) { - s->exp_irqs[i][j] = qdev_get_gpio_in(cpudev, j + 32); + s->exp_irqs[i][j] = qdev_get_gpio_in(cpudev, j + NUM_SSE_IRQS); } if (i == 0) { gpioname = g_strdup("EXP_IRQ"); @@ -609,7 +1058,7 @@ static void armsse_realize(DeviceState *dev, Error **errp) /* Wire up the splitters that connect common IRQs to all CPUs */ if (info->num_cpus > 1) { for (i = 0; i < ARRAY_SIZE(s->cpu_irq_splitter); i++) { - if (irq_is_common[i]) { + if (info->irq_is_common[i]) { Object *splitter = OBJECT(&s->cpu_irq_splitter[i]); DeviceState *devs = DEVICE(splitter); int cpunum; @@ -649,6 +1098,8 @@ static void armsse_realize(DeviceState *dev, Error **errp) } /* Security controller */ + object_property_set_int(OBJECT(&s->secctl), "sse-version", + info->sse_version, &error_abort); if (!sysbus_realize(SYS_BUS_DEVICE(&s->secctl), errp)) { return; } @@ -715,6 +1166,36 @@ static void armsse_realize(DeviceState *dev, Error **errp) qdev_connect_gpio_out(DEVICE(&s->mpc_irq_orgate), 0, armsse_get_common_irq_in(s, 9)); + /* This OR gate wires together outputs from the secure watchdogs to NMI */ + if (!object_property_set_int(OBJECT(&s->nmi_orgate), "num-lines", 2, + errp)) { + return; + } + if (!qdev_realize(DEVICE(&s->nmi_orgate), NULL, errp)) { + return; + } + qdev_connect_gpio_out(DEVICE(&s->nmi_orgate), 0, + qdev_get_gpio_in_named(DEVICE(&s->armv7m), "NMI", 0)); + + /* The SSE-300 has a System Counter / System Timestamp Generator */ + if (info->has_sse_counter) { + SysBusDevice *sbd = SYS_BUS_DEVICE(&s->sse_counter); + + qdev_connect_clock_in(DEVICE(sbd), "CLK", s->mainclk); + if (!sysbus_realize(sbd, errp)) { + return; + } + /* + * The control frame is only in the Secure region; + * the status frame is in the NS region (and visible in the + * S region via the alias mapping). + */ + memory_region_add_subregion(&s->container, 0x58100000, + sysbus_mmio_get_region(sbd, 0)); + memory_region_add_subregion(&s->container, 0x48101000, + sysbus_mmio_get_region(sbd, 1)); + } + /* Devices behind APB PPC0: * 0x40000000: timer0 * 0x40001000: timer1 @@ -725,35 +1206,127 @@ static void armsse_realize(DeviceState *dev, Error **errp) * it to the appropriate PPC port; then we can realize the PPC and * map its upstream ends to the right place in the container. */ - qdev_connect_clock_in(DEVICE(&s->timer0), "pclk", s->mainclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->timer0), errp)) { - return; - } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->timer0), 0, - armsse_get_common_irq_in(s, 3)); - mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->timer0), 0); - object_property_set_link(OBJECT(&s->apb_ppc0), "port[0]", OBJECT(mr), - &error_abort); - - qdev_connect_clock_in(DEVICE(&s->timer1), "pclk", s->mainclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->timer1), errp)) { - return; - } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->timer1), 0, - armsse_get_common_irq_in(s, 4)); - mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->timer1), 0); - object_property_set_link(OBJECT(&s->apb_ppc0), "port[1]", OBJECT(mr), - &error_abort); - - qdev_connect_clock_in(DEVICE(&s->dualtimer), "TIMCLK", s->mainclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->dualtimer), errp)) { - return; + for (devinfo = info->devinfo; devinfo->name; devinfo++) { + SysBusDevice *sbd; + qemu_irq irq; + + if (!strcmp(devinfo->type, TYPE_CMSDK_APB_TIMER)) { + sbd = SYS_BUS_DEVICE(&s->timer[devinfo->index]); + + qdev_connect_clock_in(DEVICE(sbd), "pclk", + devinfo->slowclk ? s->s32kclk : s->mainclk); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else if (!strcmp(devinfo->type, TYPE_CMSDK_APB_DUALTIMER)) { + sbd = SYS_BUS_DEVICE(&s->dualtimer); + + qdev_connect_clock_in(DEVICE(sbd), "TIMCLK", s->mainclk); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else if (!strcmp(devinfo->type, TYPE_SSE_TIMER)) { + sbd = SYS_BUS_DEVICE(&s->sse_timer[devinfo->index]); + + assert(info->has_sse_counter); + object_property_set_link(OBJECT(sbd), "counter", + OBJECT(&s->sse_counter), &error_abort); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else if (!strcmp(devinfo->type, TYPE_CMSDK_APB_WATCHDOG)) { + sbd = SYS_BUS_DEVICE(&s->cmsdk_watchdog[devinfo->index]); + + qdev_connect_clock_in(DEVICE(sbd), "WDOGCLK", + devinfo->slowclk ? s->s32kclk : s->mainclk); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else if (!strcmp(devinfo->type, TYPE_IOTKIT_SYSINFO)) { + sbd = SYS_BUS_DEVICE(&s->sysinfo); + + object_property_set_int(OBJECT(&s->sysinfo), "SYS_VERSION", + info->sys_version, &error_abort); + object_property_set_int(OBJECT(&s->sysinfo), "SYS_CONFIG", + armsse_sys_config_value(s, info), + &error_abort); + object_property_set_int(OBJECT(&s->sysinfo), "sse-version", + info->sse_version, &error_abort); + object_property_set_int(OBJECT(&s->sysinfo), "IIDR", + info->iidr, &error_abort); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else if (!strcmp(devinfo->type, TYPE_IOTKIT_SYSCTL)) { + /* System control registers */ + sbd = SYS_BUS_DEVICE(&s->sysctl); + + object_property_set_int(OBJECT(&s->sysctl), "sse-version", + info->sse_version, &error_abort); + object_property_set_int(OBJECT(&s->sysctl), "CPUWAIT_RST", + info->cpuwait_rst, &error_abort); + object_property_set_int(OBJECT(&s->sysctl), "INITSVTOR0_RST", + s->init_svtor, &error_abort); + object_property_set_int(OBJECT(&s->sysctl), "INITSVTOR1_RST", + s->init_svtor, &error_abort); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else if (!strcmp(devinfo->type, TYPE_UNIMPLEMENTED_DEVICE)) { + sbd = SYS_BUS_DEVICE(&s->unimp[devinfo->index]); + + qdev_prop_set_string(DEVICE(sbd), "name", devinfo->name); + qdev_prop_set_uint64(DEVICE(sbd), "size", devinfo->size); + if (!sysbus_realize(sbd, errp)) { + return; + } + mr = sysbus_mmio_get_region(sbd, 0); + } else { + g_assert_not_reached(); + } + + switch (devinfo->irq) { + case NO_IRQ: + irq = NULL; + break; + case 0 ... NUM_SSE_IRQS - 1: + irq = armsse_get_common_irq_in(s, devinfo->irq); + break; + case NMI_0: + case NMI_1: + irq = qdev_get_gpio_in(DEVICE(&s->nmi_orgate), + devinfo->irq - NMI_0); + break; + default: + g_assert_not_reached(); + } + + if (irq) { + sysbus_connect_irq(sbd, 0, irq); + } + + /* + * Devices connected to a PPC are connected to the port here; + * we will map the upstream end of that port to the right address + * in the container later after the PPC has been realized. + * Devices not connected to a PPC can be mapped immediately. + */ + if (devinfo->ppc != NO_PPC) { + TZPPC *ppc = &s->apb_ppc[devinfo->ppc]; + g_autofree char *portname = g_strdup_printf("port[%d]", + devinfo->ppc_port); + object_property_set_link(OBJECT(ppc), portname, OBJECT(mr), + &error_abort); + } else { + memory_region_add_subregion(&s->container, devinfo->addr, mr); + } } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->dualtimer), 0, - armsse_get_common_irq_in(s, 5)); - mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->dualtimer), 0); - object_property_set_link(OBJECT(&s->apb_ppc0), "port[2]", OBJECT(mr), - &error_abort); if (info->has_mhus) { /* @@ -775,7 +1348,7 @@ static void armsse_realize(DeviceState *dev, Error **errp) } port = g_strdup_printf("port[%d]", i + 3); mr = sysbus_mmio_get_region(mhu_sbd, 0); - object_property_set_link(OBJECT(&s->apb_ppc0), port, OBJECT(mr), + object_property_set_link(OBJECT(&s->apb_ppc[0]), port, OBJECT(mr), &error_abort); g_free(port); @@ -795,19 +1368,13 @@ static void armsse_realize(DeviceState *dev, Error **errp) } } - if (!sysbus_realize(SYS_BUS_DEVICE(&s->apb_ppc0), errp)) { + if (!sysbus_realize(SYS_BUS_DEVICE(&s->apb_ppc[0]), errp)) { return; } - sbd_apb_ppc0 = SYS_BUS_DEVICE(&s->apb_ppc0); - dev_apb_ppc0 = DEVICE(&s->apb_ppc0); + sbd_apb_ppc0 = SYS_BUS_DEVICE(&s->apb_ppc[0]); + dev_apb_ppc0 = DEVICE(&s->apb_ppc[0]); - mr = sysbus_mmio_get_region(sbd_apb_ppc0, 0); - memory_region_add_subregion(&s->container, 0x40000000, mr); - mr = sysbus_mmio_get_region(sbd_apb_ppc0, 1); - memory_region_add_subregion(&s->container, 0x40001000, mr); - mr = sysbus_mmio_get_region(sbd_apb_ppc0, 2); - memory_region_add_subregion(&s->container, 0x40002000, mr); if (info->has_mhus) { mr = sysbus_mmio_get_region(sbd_apb_ppc0, 3); memory_region_add_subregion(&s->container, 0x40003000, mr); @@ -852,6 +1419,8 @@ static void armsse_realize(DeviceState *dev, Error **errp) * 0x50010000: L1 icache control registers * 0x50011000: CPUSECCTRL (CPU local security control registers) * 0x4001f000 and 0x5001f000: CPU_IDENTITY register block + * The SSE-300 has an extra: + * 0x40012000 and 0x50012000: CPU_PWRCTRL register block */ if (info->has_cachectrl) { for (i = 0; i < info->num_cpus; i++) { @@ -898,28 +1467,24 @@ static void armsse_realize(DeviceState *dev, Error **errp) memory_region_add_subregion(&s->cpu_container[i], 0x4001F000, mr); } } + if (info->has_cpu_pwrctrl) { + for (i = 0; i < info->num_cpus; i++) { + MemoryRegion *mr; - /* 0x40020000 .. 0x4002ffff : ARMSSE system control peripheral region */ - /* Devices behind APB PPC1: - * 0x4002f000: S32K timer - */ - qdev_connect_clock_in(DEVICE(&s->s32ktimer), "pclk", s->s32kclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->s32ktimer), errp)) { - return; + if (!sysbus_realize(SYS_BUS_DEVICE(&s->cpu_pwrctrl[i]), errp)) { + return; + } + + mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->cpu_pwrctrl[i]), 0); + memory_region_add_subregion(&s->cpu_container[i], 0x40012000, mr); + } } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->s32ktimer), 0, - armsse_get_common_irq_in(s, 2)); - mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->s32ktimer), 0); - object_property_set_link(OBJECT(&s->apb_ppc1), "port[0]", OBJECT(mr), - &error_abort); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->apb_ppc1), errp)) { + if (!sysbus_realize(SYS_BUS_DEVICE(&s->apb_ppc[1]), errp)) { return; } - mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->apb_ppc1), 0); - memory_region_add_subregion(&s->container, 0x4002f000, mr); - dev_apb_ppc1 = DEVICE(&s->apb_ppc1); + dev_apb_ppc1 = DEVICE(&s->apb_ppc[1]); qdev_connect_gpio_out_named(dev_secctl, "apb_ppc1_nonsec", 0, qdev_get_gpio_in_named(dev_apb_ppc1, "cfg_nonsec", 0)); @@ -936,92 +1501,23 @@ static void armsse_realize(DeviceState *dev, Error **errp) qdev_get_gpio_in_named(dev_apb_ppc1, "cfg_sec_resp", 0)); - if (!object_property_set_int(OBJECT(&s->sysinfo), "SYS_VERSION", - info->sys_version, errp)) { - return; - } - if (!object_property_set_int(OBJECT(&s->sysinfo), "SYS_CONFIG", - armsse_sys_config_value(s, info), errp)) { - return; - } - if (!sysbus_realize(SYS_BUS_DEVICE(&s->sysinfo), errp)) { - return; - } - /* System information registers */ - sysbus_mmio_map(SYS_BUS_DEVICE(&s->sysinfo), 0, 0x40020000); - /* System control registers */ - object_property_set_int(OBJECT(&s->sysctl), "SYS_VERSION", - info->sys_version, &error_abort); - object_property_set_int(OBJECT(&s->sysctl), "CPUWAIT_RST", - info->cpuwait_rst, &error_abort); - object_property_set_int(OBJECT(&s->sysctl), "INITSVTOR0_RST", - s->init_svtor, &error_abort); - object_property_set_int(OBJECT(&s->sysctl), "INITSVTOR1_RST", - s->init_svtor, &error_abort); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->sysctl), errp)) { - return; - } - sysbus_mmio_map(SYS_BUS_DEVICE(&s->sysctl), 0, 0x50021000); - - if (info->has_ppus) { - /* CPUnCORE_PPU for each CPU */ - for (i = 0; i < info->num_cpus; i++) { - char *name = g_strdup_printf("CPU%dCORE_PPU", i); - - map_ppu(s, CPU0CORE_PPU + i, name, 0x50023000 + i * 0x2000); - /* - * We don't support CPU debug so don't create the - * CPU0DEBUG_PPU at 0x50024000 and 0x50026000. - */ - g_free(name); - } - map_ppu(s, DBG_PPU, "DBG_PPU", 0x50029000); - - for (i = 0; i < info->sram_banks; i++) { - char *name = g_strdup_printf("RAM%d_PPU", i); + /* + * Now both PPCs are realized we can map the upstream ends of + * ports which correspond to entries in the devinfo array. + * The ports which are connected to non-devinfo devices have + * already been mapped. + */ + for (devinfo = info->devinfo; devinfo->name; devinfo++) { + SysBusDevice *ppc_sbd; - map_ppu(s, RAM0_PPU + i, name, 0x5002a000 + i * 0x1000); - g_free(name); + if (devinfo->ppc == NO_PPC) { + continue; } + ppc_sbd = SYS_BUS_DEVICE(&s->apb_ppc[devinfo->ppc]); + mr = sysbus_mmio_get_region(ppc_sbd, devinfo->ppc_port); + memory_region_add_subregion(&s->container, devinfo->addr, mr); } - /* This OR gate wires together outputs from the secure watchdogs to NMI */ - if (!object_property_set_int(OBJECT(&s->nmi_orgate), "num-lines", 2, - errp)) { - return; - } - if (!qdev_realize(DEVICE(&s->nmi_orgate), NULL, errp)) { - return; - } - qdev_connect_gpio_out(DEVICE(&s->nmi_orgate), 0, - qdev_get_gpio_in_named(DEVICE(&s->armv7m), "NMI", 0)); - - qdev_connect_clock_in(DEVICE(&s->s32kwatchdog), "WDOGCLK", s->s32kclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->s32kwatchdog), errp)) { - return; - } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->s32kwatchdog), 0, - qdev_get_gpio_in(DEVICE(&s->nmi_orgate), 0)); - sysbus_mmio_map(SYS_BUS_DEVICE(&s->s32kwatchdog), 0, 0x5002e000); - - /* 0x40080000 .. 0x4008ffff : ARMSSE second Base peripheral region */ - - qdev_connect_clock_in(DEVICE(&s->nswatchdog), "WDOGCLK", s->mainclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->nswatchdog), errp)) { - return; - } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->nswatchdog), 0, - armsse_get_common_irq_in(s, 1)); - sysbus_mmio_map(SYS_BUS_DEVICE(&s->nswatchdog), 0, 0x40081000); - - qdev_connect_clock_in(DEVICE(&s->swatchdog), "WDOGCLK", s->mainclk); - if (!sysbus_realize(SYS_BUS_DEVICE(&s->swatchdog), errp)) { - return; - } - sysbus_connect_irq(SYS_BUS_DEVICE(&s->swatchdog), 0, - qdev_get_gpio_in(DEVICE(&s->nmi_orgate), 1)); - sysbus_mmio_map(SYS_BUS_DEVICE(&s->swatchdog), 0, 0x50081000); - for (i = 0; i < ARRAY_SIZE(s->ppc_irq_splitter); i++) { Object *splitter = OBJECT(&s->ppc_irq_splitter[i]); @@ -1052,7 +1548,7 @@ static void armsse_realize(DeviceState *dev, Error **errp) DeviceState *devs = DEVICE(&s->ppc_irq_splitter[i]); char *gpioname = g_strdup_printf("apb_ppc%d_irq_status", i - NUM_EXTERNAL_PPCS); - TZPPC *ppc = (i == NUM_EXTERNAL_PPCS) ? &s->apb_ppc0 : &s->apb_ppc1; + TZPPC *ppc = &s->apb_ppc[i - NUM_EXTERNAL_PPCS]; qdev_connect_gpio_out(devs, 0, qdev_get_gpio_in_named(dev_secctl, gpioname, 0)); @@ -1120,7 +1616,7 @@ static void armsse_realize(DeviceState *dev, Error **errp) sysbus_init_mmio(SYS_BUS_DEVICE(s), &s->container); /* Set initial system_clock_scale from MAINCLK */ - armsse_mainclk_update(s); + armsse_mainclk_update(s, ClockUpdate); } static void armsse_idau_check(IDAUInterface *ii, uint32_t address, diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c index 8224d4ade9..6dd10d8470 100644 --- a/hw/arm/armv7m.c +++ b/hw/arm/armv7m.c @@ -16,7 +16,6 @@ #include "hw/loader.h" #include "hw/qdev-properties.h" #include "elf.h" -#include "sysemu/qtest.h" #include "sysemu/reset.h" #include "qemu/error-report.h" #include "qemu/module.h" diff --git a/hw/arm/mainstone.c b/hw/arm/mainstone.c index 6bc643651b..8454b65458 100644 --- a/hw/arm/mainstone.c +++ b/hw/arm/mainstone.c @@ -22,7 +22,6 @@ #include "hw/block/flash.h" #include "hw/sysbus.h" #include "exec/address-spaces.h" -#include "sysemu/qtest.h" #include "cpu.h" /* Device addresses */ diff --git a/hw/arm/mps2-tz.c b/hw/arm/mps2-tz.c index 72da8cb1a1..3fbe3d29f9 100644 --- a/hw/arm/mps2-tz.c +++ b/hw/arm/mps2-tz.c @@ -17,6 +17,7 @@ * "mps2-an505" -- Cortex-M33 as documented in ARM Application Note AN505 * "mps2-an521" -- Dual Cortex-M33 as documented in Application Note AN521 * "mps2-an524" -- Dual Cortex-M33 as documented in Application Note AN524 + * "mps2-an547" -- Single Cortex-M55 as documented in Application Note AN547 * * Links to the TRM for the board itself and to the various Application * Notes which document the FPGA images can be found here: @@ -30,6 +31,8 @@ * https://developer.arm.com/documentation/dai0521/latest/ * Application Note AN524: * https://developer.arm.com/documentation/dai0524/latest/ + * Application Note AN547: + * https://developer.arm.com/-/media/Arm%20Developer%20Community/PDF/DAI0547B_SSE300_PLUS_U55_FPGA_for_mps3.pdf * * The AN505 defers to the Cortex-M33 processor ARMv8M IoT Kit FVP User Guide * (ARM ECM0601256) for the details of some of the device layout: @@ -37,6 +40,8 @@ * Similarly, the AN521 and AN524 use the SSE-200, and the SSE-200 TRM defines * most of the device layout: * https://developer.arm.com/documentation/101104/latest/ + * and the AN547 uses the SSE-300, whose layout is in the SSE-300 TRM: + * https://developer.arm.com/documentation/101773/latest/ */ #include "qemu/osdep.h" @@ -68,13 +73,14 @@ #include "hw/qdev-clock.h" #include "qom/object.h" -#define MPS2TZ_NUMIRQ_MAX 95 -#define MPS2TZ_RAM_MAX 4 +#define MPS2TZ_NUMIRQ_MAX 96 +#define MPS2TZ_RAM_MAX 5 typedef enum MPS2TZFPGAType { FPGA_AN505, FPGA_AN521, FPGA_AN524, + FPGA_AN547, } MPS2TZFPGAType; /* @@ -106,11 +112,15 @@ struct MPS2TZMachineClass { MPS2TZFPGAType fpga_type; uint32_t scc_id; uint32_t sysclk_frq; /* Main SYSCLK frequency in Hz */ + uint32_t apb_periph_frq; /* APB peripheral frequency in Hz */ uint32_t len_oscclk; const uint32_t *oscclk; uint32_t fpgaio_num_leds; /* Number of LEDs in FPGAIO LED0 register */ bool fpgaio_has_switches; /* Does FPGAIO have SWITCH register? */ + bool fpgaio_has_dbgctrl; /* Does FPGAIO have DBGCTRL register? */ int numirq; /* Number of external interrupts */ + int uart_overflow_irq; /* number of the combined UART overflow IRQ */ + uint32_t init_svtor; /* init-svtor setting for SSE */ const RAMInfo *raminfo; const char *armsse_type; }; @@ -149,6 +159,7 @@ struct MPS2TZMachineState { #define TYPE_MPS2TZ_AN505_MACHINE MACHINE_TYPE_NAME("mps2-an505") #define TYPE_MPS2TZ_AN521_MACHINE MACHINE_TYPE_NAME("mps2-an521") #define TYPE_MPS3TZ_AN524_MACHINE MACHINE_TYPE_NAME("mps3-an524") +#define TYPE_MPS3TZ_AN547_MACHINE MACHINE_TYPE_NAME("mps3-an547") OBJECT_DECLARE_TYPE(MPS2TZMachineState, MPS2TZMachineClass, MPS2TZ_MACHINE) @@ -248,6 +259,49 @@ static const RAMInfo an524_raminfo[] = { { }, }; +static const RAMInfo an547_raminfo[] = { { + .name = "itcm", + .base = 0x00000000, + .size = 512 * KiB, + .mpc = -1, + .mrindex = 0, + }, { + .name = "sram", + .base = 0x01000000, + .size = 2 * MiB, + .mpc = 0, + .mrindex = 1, + }, { + .name = "dtcm", + .base = 0x20000000, + .size = 4 * 128 * KiB, + .mpc = -1, + .mrindex = 2, + }, { + .name = "sram 2", + .base = 0x21000000, + .size = 4 * MiB, + .mpc = -1, + .mrindex = 3, + }, { + /* We don't model QSPI flash yet; for now expose it as simple ROM */ + .name = "QSPI", + .base = 0x28000000, + .size = 8 * MiB, + .mpc = 1, + .mrindex = 4, + .flags = IS_ROM, + }, { + .name = "DDR", + .base = 0x60000000, + .size = MPS3_DDR_SIZE, + .mpc = 2, + .mrindex = -1, + }, { + .name = NULL, + }, +}; + static const RAMInfo *find_raminfo_for_mpc(MPS2TZMachineState *mms, int mpc) { MPS2TZMachineClass *mmc = MPS2TZ_MACHINE_GET_CLASS(mms); @@ -377,7 +431,7 @@ static MemoryRegion *make_uart(MPS2TZMachineState *mms, void *opaque, object_initialize_child(OBJECT(mms), name, uart, TYPE_CMSDK_APB_UART); qdev_prop_set_chr(DEVICE(uart), "chardev", serial_hd(i)); - qdev_prop_set_uint32(DEVICE(uart), "pclk-frq", mmc->sysclk_frq); + qdev_prop_set_uint32(DEVICE(uart), "pclk-frq", mmc->apb_periph_frq); sysbus_realize(SYS_BUS_DEVICE(uart), &error_fatal); s = SYS_BUS_DEVICE(uart); sysbus_connect_irq(s, 0, get_sse_irq_in(mms, irqs[0])); @@ -421,6 +475,7 @@ static MemoryRegion *make_fpgaio(MPS2TZMachineState *mms, void *opaque, object_initialize_child(OBJECT(mms), "fpgaio", fpgaio, TYPE_MPS2_FPGAIO); qdev_prop_set_uint32(DEVICE(fpgaio), "num-leds", mmc->fpgaio_num_leds); qdev_prop_set_bit(DEVICE(fpgaio), "has-switches", mmc->fpgaio_has_switches); + qdev_prop_set_bit(DEVICE(fpgaio), "has-dbgctrl", mmc->fpgaio_has_dbgctrl); sysbus_realize(SYS_BUS_DEVICE(fpgaio), &error_fatal); return sysbus_mmio_get_region(SYS_BUS_DEVICE(fpgaio), 0); } @@ -696,6 +751,7 @@ static void mps2tz_common_init(MachineState *machine) object_property_set_link(OBJECT(&mms->iotkit), "memory", OBJECT(system_memory), &error_abort); qdev_prop_set_uint32(iotkitdev, "EXP_NUMIRQ", mmc->numirq); + qdev_prop_set_uint32(iotkitdev, "init-svtor", mmc->init_svtor); qdev_connect_clock_in(iotkitdev, "MAINCLK", mms->sysclk); qdev_connect_clock_in(iotkitdev, "S32KCLK", mms->s32kclk); sysbus_realize(SYS_BUS_DEVICE(&mms->iotkit), &error_fatal); @@ -770,7 +826,7 @@ static void mps2tz_common_init(MachineState *machine) &error_fatal); qdev_realize(DEVICE(&mms->uart_irq_orgate), NULL, &error_fatal); qdev_connect_gpio_out(DEVICE(&mms->uart_irq_orgate), 0, - get_sse_irq_in(mms, 47)); + get_sse_irq_in(mms, mmc->uart_overflow_irq)); /* Most of the devices in the FPGA are behind Peripheral Protection * Controllers. The required order for initializing things is: @@ -887,6 +943,55 @@ static void mps2tz_common_init(MachineState *machine) }, }; + const PPCInfo an547_ppcs[] = { { + .name = "apb_ppcexp0", + .ports = { + { "ssram-mpc", make_mpc, &mms->mpc[0], 0x57000000, 0x1000 }, + { "qspi-mpc", make_mpc, &mms->mpc[1], 0x57001000, 0x1000 }, + { "ddr-mpc", make_mpc, &mms->mpc[2], 0x57002000, 0x1000 }, + }, + }, { + .name = "apb_ppcexp1", + .ports = { + { "i2c0", make_i2c, &mms->i2c[0], 0x49200000, 0x1000 }, + { "i2c1", make_i2c, &mms->i2c[1], 0x49201000, 0x1000 }, + { "spi0", make_spi, &mms->spi[0], 0x49202000, 0x1000, { 53 } }, + { "spi1", make_spi, &mms->spi[1], 0x49203000, 0x1000, { 54 } }, + { "spi2", make_spi, &mms->spi[2], 0x49204000, 0x1000, { 55 } }, + { "i2c2", make_i2c, &mms->i2c[2], 0x49205000, 0x1000 }, + { "i2c3", make_i2c, &mms->i2c[3], 0x49206000, 0x1000 }, + { /* port 7 reserved */ }, + { "i2c4", make_i2c, &mms->i2c[4], 0x49208000, 0x1000 }, + }, + }, { + .name = "apb_ppcexp2", + .ports = { + { "scc", make_scc, &mms->scc, 0x49300000, 0x1000 }, + { "i2s-audio", make_unimp_dev, &mms->i2s_audio, 0x49301000, 0x1000 }, + { "fpgaio", make_fpgaio, &mms->fpgaio, 0x49302000, 0x1000 }, + { "uart0", make_uart, &mms->uart[0], 0x49303000, 0x1000, { 33, 34, 43 } }, + { "uart1", make_uart, &mms->uart[1], 0x49304000, 0x1000, { 35, 36, 44 } }, + { "uart2", make_uart, &mms->uart[2], 0x49305000, 0x1000, { 37, 38, 45 } }, + { "uart3", make_uart, &mms->uart[3], 0x49306000, 0x1000, { 39, 40, 46 } }, + { "uart4", make_uart, &mms->uart[4], 0x49307000, 0x1000, { 41, 42, 47 } }, + { "uart5", make_uart, &mms->uart[5], 0x49308000, 0x1000, { 125, 126, 127 } }, + + { /* port 9 reserved */ }, + { "clcd", make_unimp_dev, &mms->cldc, 0x4930a000, 0x1000 }, + { "rtc", make_rtc, &mms->rtc, 0x4930b000, 0x1000 }, + }, + }, { + .name = "ahb_ppcexp0", + .ports = { + { "gpio0", make_unimp_dev, &mms->gpio[0], 0x41100000, 0x1000 }, + { "gpio1", make_unimp_dev, &mms->gpio[1], 0x41101000, 0x1000 }, + { "gpio2", make_unimp_dev, &mms->gpio[2], 0x41102000, 0x1000 }, + { "gpio3", make_unimp_dev, &mms->gpio[3], 0x41103000, 0x1000 }, + { "eth-usb", make_eth_usb, NULL, 0x41400000, 0x200000, { 49 } }, + }, + }, + }; + switch (mmc->fpga_type) { case FPGA_AN505: case FPGA_AN521: @@ -897,6 +1002,10 @@ static void mps2tz_common_init(MachineState *machine) ppcs = an524_ppcs; num_ppcs = ARRAY_SIZE(an524_ppcs); break; + case FPGA_AN547: + ppcs = an547_ppcs; + num_ppcs = ARRAY_SIZE(an547_ppcs); + break; default: g_assert_not_reached(); } @@ -975,6 +1084,11 @@ static void mps2tz_common_init(MachineState *machine) create_unimplemented_device("FPGA NS PC", 0x48007000, 0x1000); + if (mmc->fpga_type == FPGA_AN547) { + create_unimplemented_device("U55 timing adapter 0", 0x48102000, 0x1000); + create_unimplemented_device("U55 timing adapter 1", 0x48103000, 0x1000); + } + create_non_mpc_ram(mms); armv7m_load_kernel(ARM_CPU(first_cpu), machine->kernel_filename, @@ -1041,11 +1155,15 @@ static void mps2tz_an505_class_init(ObjectClass *oc, void *data) mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-m33"); mmc->scc_id = 0x41045050; mmc->sysclk_frq = 20 * 1000 * 1000; /* 20MHz */ + mmc->apb_periph_frq = mmc->sysclk_frq; mmc->oscclk = an505_oscclk; mmc->len_oscclk = ARRAY_SIZE(an505_oscclk); mmc->fpgaio_num_leds = 2; mmc->fpgaio_has_switches = false; + mmc->fpgaio_has_dbgctrl = false; mmc->numirq = 92; + mmc->uart_overflow_irq = 47; + mmc->init_svtor = 0x10000000; mmc->raminfo = an505_raminfo; mmc->armsse_type = TYPE_IOTKIT; mps2tz_set_default_ram_info(mmc); @@ -1064,11 +1182,15 @@ static void mps2tz_an521_class_init(ObjectClass *oc, void *data) mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-m33"); mmc->scc_id = 0x41045210; mmc->sysclk_frq = 20 * 1000 * 1000; /* 20MHz */ + mmc->apb_periph_frq = mmc->sysclk_frq; mmc->oscclk = an505_oscclk; /* AN521 is the same as AN505 here */ mmc->len_oscclk = ARRAY_SIZE(an505_oscclk); mmc->fpgaio_num_leds = 2; mmc->fpgaio_has_switches = false; + mmc->fpgaio_has_dbgctrl = false; mmc->numirq = 92; + mmc->uart_overflow_irq = 47; + mmc->init_svtor = 0x10000000; mmc->raminfo = an505_raminfo; /* AN521 is the same as AN505 here */ mmc->armsse_type = TYPE_SSE200; mps2tz_set_default_ram_info(mmc); @@ -1087,16 +1209,47 @@ static void mps3tz_an524_class_init(ObjectClass *oc, void *data) mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-m33"); mmc->scc_id = 0x41045240; mmc->sysclk_frq = 32 * 1000 * 1000; /* 32MHz */ + mmc->apb_periph_frq = mmc->sysclk_frq; mmc->oscclk = an524_oscclk; mmc->len_oscclk = ARRAY_SIZE(an524_oscclk); mmc->fpgaio_num_leds = 10; mmc->fpgaio_has_switches = true; + mmc->fpgaio_has_dbgctrl = false; mmc->numirq = 95; + mmc->uart_overflow_irq = 47; + mmc->init_svtor = 0x10000000; mmc->raminfo = an524_raminfo; mmc->armsse_type = TYPE_SSE200; mps2tz_set_default_ram_info(mmc); } +static void mps3tz_an547_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + MPS2TZMachineClass *mmc = MPS2TZ_MACHINE_CLASS(oc); + + mc->desc = "ARM MPS3 with AN547 FPGA image for Cortex-M55"; + mc->default_cpus = 1; + mc->min_cpus = mc->default_cpus; + mc->max_cpus = mc->default_cpus; + mmc->fpga_type = FPGA_AN547; + mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-m55"); + mmc->scc_id = 0x41055470; + mmc->sysclk_frq = 32 * 1000 * 1000; /* 32MHz */ + mmc->apb_periph_frq = 25 * 1000 * 1000; /* 25MHz */ + mmc->oscclk = an524_oscclk; /* same as AN524 */ + mmc->len_oscclk = ARRAY_SIZE(an524_oscclk); + mmc->fpgaio_num_leds = 10; + mmc->fpgaio_has_switches = true; + mmc->fpgaio_has_dbgctrl = true; + mmc->numirq = 96; + mmc->uart_overflow_irq = 48; + mmc->init_svtor = 0x00000000; + mmc->raminfo = an547_raminfo; + mmc->armsse_type = TYPE_SSE300; + mps2tz_set_default_ram_info(mmc); +} + static const TypeInfo mps2tz_info = { .name = TYPE_MPS2TZ_MACHINE, .parent = TYPE_MACHINE, @@ -1128,12 +1281,19 @@ static const TypeInfo mps3tz_an524_info = { .class_init = mps3tz_an524_class_init, }; +static const TypeInfo mps3tz_an547_info = { + .name = TYPE_MPS3TZ_AN547_MACHINE, + .parent = TYPE_MPS2TZ_MACHINE, + .class_init = mps3tz_an547_class_init, +}; + static void mps2tz_machine_init(void) { type_register_static(&mps2tz_info); type_register_static(&mps2tz_an505_info); type_register_static(&mps2tz_an521_info); type_register_static(&mps3tz_an524_info); + type_register_static(&mps3tz_an547_info); } type_init(mps2tz_machine_init); diff --git a/hw/arm/xlnx-zcu102.c b/hw/arm/xlnx-zcu102.c index c9713638c5..a9db25eb99 100644 --- a/hw/arm/xlnx-zcu102.c +++ b/hw/arm/xlnx-zcu102.c @@ -22,7 +22,6 @@ #include "hw/boards.h" #include "qemu/error-report.h" #include "qemu/log.h" -#include "sysemu/qtest.h" #include "sysemu/device_tree.h" #include "qom/object.h" #include "net/can_emu.h" diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c index 46030c1ef8..7f01284a5c 100644 --- a/hw/arm/xlnx-zynqmp.c +++ b/hw/arm/xlnx-zynqmp.c @@ -50,6 +50,7 @@ #define QSPI_ADDR 0xff0f0000 #define LQSPI_ADDR 0xc0000000 #define QSPI_IRQ 15 +#define QSPI_DMA_ADDR 0xff0f0800 #define DP_ADDR 0xfd4a0000 #define DP_IRQ 113 @@ -284,6 +285,8 @@ static void xlnx_zynqmp_init(Object *obj) for (i = 0; i < XLNX_ZYNQMP_NUM_ADMA_CH; i++) { object_initialize_child(obj, "adma[*]", &s->adma[i], TYPE_XLNX_ZDMA); } + + object_initialize_child(obj, "qspi-dma", &s->qspi_dma, TYPE_XLNX_CSU_DMA); } static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp) @@ -301,11 +304,13 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp) ram_size = memory_region_size(s->ddr_ram); - /* Create the DDR Memory Regions. User friendly checks should happen at + /* + * Create the DDR Memory Regions. User friendly checks should happen at * the board level */ if (ram_size > XLNX_ZYNQMP_MAX_LOW_RAM_SIZE) { - /* The RAM size is above the maximum available for the low DDR. + /* + * The RAM size is above the maximum available for the low DDR. * Create the high DDR memory region as well. */ assert(ram_size <= XLNX_ZYNQMP_MAX_RAM_SIZE); @@ -521,7 +526,8 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp) SysBusDevice *sbd = SYS_BUS_DEVICE(&s->sdhci[i]); Object *sdhci = OBJECT(&s->sdhci[i]); - /* Compatible with: + /* + * Compatible with: * - SD Host Controller Specification Version 3.00 * - SDIO Specification Version 3.0 * - eMMC Specification Version 4.51 @@ -635,6 +641,15 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp) sysbus_connect_irq(SYS_BUS_DEVICE(&s->adma[i]), 0, gic_spi[adma_ch_intr[i]]); } + + if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi_dma), errp)) { + return; + } + + sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi_dma), 0, QSPI_DMA_ADDR); + sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi_dma), 0, gic_spi[QSPI_IRQ]); + object_property_set_link(OBJECT(&s->qspi), "stream-connected-dma", + OBJECT(&s->qspi_dma), errp); } static Property xlnx_zynqmp_props[] = { diff --git a/hw/arm/z2.c b/hw/arm/z2.c index 308c4da956..5099bd8380 100644 --- a/hw/arm/z2.c +++ b/hw/arm/z2.c @@ -24,7 +24,6 @@ #include "hw/audio/wm8750.h" #include "audio/audio.h" #include "exec/address-spaces.h" -#include "sysemu/qtest.h" #include "cpu.h" #include "qom/object.h" diff --git a/hw/block/meson.build b/hw/block/meson.build index 4bf994c64f..5492829155 100644 --- a/hw/block/meson.build +++ b/hw/block/meson.build @@ -13,7 +13,7 @@ softmmu_ss.add(when: 'CONFIG_SSI_M25P80', if_true: files('m25p80.c')) softmmu_ss.add(when: 'CONFIG_SWIM', if_true: files('swim.c')) softmmu_ss.add(when: 'CONFIG_XEN', if_true: files('xen-block.c')) softmmu_ss.add(when: 'CONFIG_TC58128', if_true: files('tc58128.c')) -softmmu_ss.add(when: 'CONFIG_NVME_PCI', if_true: files('nvme.c', 'nvme-ns.c')) +softmmu_ss.add(when: 'CONFIG_NVME_PCI', if_true: files('nvme.c', 'nvme-ns.c', 'nvme-subsys.c')) specific_ss.add(when: 'CONFIG_VIRTIO_BLK', if_true: files('virtio-blk.c')) specific_ss.add(when: 'CONFIG_VHOST_USER_BLK', if_true: files('vhost-user-blk.c')) diff --git a/hw/block/nvme-ns.c b/hw/block/nvme-ns.c index 93ac6e107a..eda6a0c003 100644 --- a/hw/block/nvme-ns.c +++ b/hw/block/nvme-ns.c @@ -63,6 +63,15 @@ static int nvme_ns_init(NvmeNamespace *ns, Error **errp) id_ns->npda = id_ns->npdg = npdg - 1; + if (nvme_ns_shared(ns)) { + id_ns->nmic |= NVME_NMIC_NS_SHARED; + } + + /* simple copy */ + id_ns->mssrl = cpu_to_le16(ns->params.mssrl); + id_ns->mcl = cpu_to_le32(ns->params.mcl); + id_ns->msrc = ns->params.msrc; + return 0; } @@ -154,6 +163,18 @@ static int nvme_ns_zoned_check_calc_geometry(NvmeNamespace *ns, Error **errp) return -1; } + if (ns->params.max_active_zones) { + if (ns->params.max_open_zones > ns->params.max_active_zones) { + error_setg(errp, "max_open_zones (%u) exceeds max_active_zones (%u)", + ns->params.max_open_zones, ns->params.max_active_zones); + return -1; + } + + if (!ns->params.max_open_zones) { + ns->params.max_open_zones = ns->params.max_active_zones; + } + } + if (ns->params.zd_extension_size) { if (ns->params.zd_extension_size & 0x3f) { error_setg(errp, @@ -363,16 +384,27 @@ static void nvme_ns_realize(DeviceState *dev, Error **errp) return; } - if (nvme_register_namespace(n, ns, errp)) { - return; + if (ns->subsys) { + if (nvme_subsys_register_ns(ns, errp)) { + return; + } + } else { + if (nvme_register_namespace(n, ns, errp)) { + return; + } } - } static Property nvme_ns_props[] = { DEFINE_BLOCK_PROPERTIES(NvmeNamespace, blkconf), + DEFINE_PROP_LINK("subsys", NvmeNamespace, subsys, TYPE_NVME_SUBSYS, + NvmeSubsystem *), + DEFINE_PROP_BOOL("detached", NvmeNamespace, params.detached, false), DEFINE_PROP_UINT32("nsid", NvmeNamespace, params.nsid, 0), DEFINE_PROP_UUID("uuid", NvmeNamespace, params.uuid), + DEFINE_PROP_UINT16("mssrl", NvmeNamespace, params.mssrl, 128), + DEFINE_PROP_UINT32("mcl", NvmeNamespace, params.mcl, 128), + DEFINE_PROP_UINT8("msrc", NvmeNamespace, params.msrc, 127), DEFINE_PROP_BOOL("zoned", NvmeNamespace, params.zoned, false), DEFINE_PROP_SIZE("zoned.zone_size", NvmeNamespace, params.zone_size_bs, NVME_DEFAULT_ZONE_SIZE), diff --git a/hw/block/nvme-ns.h b/hw/block/nvme-ns.h index 293ac990e3..318d3aebe1 100644 --- a/hw/block/nvme-ns.h +++ b/hw/block/nvme-ns.h @@ -26,9 +26,14 @@ typedef struct NvmeZone { } NvmeZone; typedef struct NvmeNamespaceParams { + bool detached; uint32_t nsid; QemuUUID uuid; + uint16_t mssrl; + uint32_t mcl; + uint8_t msrc; + bool zoned; bool cross_zone_read; uint64_t zone_size_bs; @@ -47,6 +52,9 @@ typedef struct NvmeNamespace { const uint32_t *iocs; uint8_t csi; + NvmeSubsystem *subsys; + QTAILQ_ENTRY(NvmeNamespace) entry; + NvmeIdNsZoned *id_ns_zoned; NvmeZone *zone_array; QTAILQ_HEAD(, NvmeZone) exp_open_zones; @@ -77,6 +85,11 @@ static inline uint32_t nvme_nsid(NvmeNamespace *ns) return -1; } +static inline bool nvme_ns_shared(NvmeNamespace *ns) +{ + return !!ns->subsys; +} + static inline NvmeLBAF *nvme_ns_lbaf(NvmeNamespace *ns) { NvmeIdNs *id_ns = &ns->id_ns; diff --git a/hw/block/nvme-subsys.c b/hw/block/nvme-subsys.c new file mode 100644 index 0000000000..af4804a819 --- /dev/null +++ b/hw/block/nvme-subsys.c @@ -0,0 +1,116 @@ +/* + * QEMU NVM Express Subsystem: nvme-subsys + * + * Copyright (c) 2021 Minwoo Im <minwoo.im.dev@gmail.com> + * + * This code is licensed under the GNU GPL v2. Refer COPYING. + */ + +#include "qemu/units.h" +#include "qemu/osdep.h" +#include "qemu/uuid.h" +#include "qemu/iov.h" +#include "qemu/cutils.h" +#include "qapi/error.h" +#include "hw/qdev-properties.h" +#include "hw/qdev-core.h" +#include "hw/block/block.h" +#include "block/aio.h" +#include "block/accounting.h" +#include "sysemu/sysemu.h" +#include "hw/pci/pci.h" +#include "nvme.h" +#include "nvme-subsys.h" + +int nvme_subsys_register_ctrl(NvmeCtrl *n, Error **errp) +{ + NvmeSubsystem *subsys = n->subsys; + int cntlid; + + for (cntlid = 0; cntlid < ARRAY_SIZE(subsys->ctrls); cntlid++) { + if (!subsys->ctrls[cntlid]) { + break; + } + } + + if (cntlid == ARRAY_SIZE(subsys->ctrls)) { + error_setg(errp, "no more free controller id"); + return -1; + } + + subsys->ctrls[cntlid] = n; + + return cntlid; +} + +int nvme_subsys_register_ns(NvmeNamespace *ns, Error **errp) +{ + NvmeSubsystem *subsys = ns->subsys; + NvmeCtrl *n; + int i; + + if (subsys->namespaces[nvme_nsid(ns)]) { + error_setg(errp, "namespace %d already registerd to subsy %s", + nvme_nsid(ns), subsys->parent_obj.id); + return -1; + } + + subsys->namespaces[nvme_nsid(ns)] = ns; + + for (i = 0; i < ARRAY_SIZE(subsys->ctrls); i++) { + n = subsys->ctrls[i]; + + if (n && nvme_register_namespace(n, ns, errp)) { + return -1; + } + } + + return 0; +} + +static void nvme_subsys_setup(NvmeSubsystem *subsys) +{ + const char *nqn = subsys->params.nqn ? + subsys->params.nqn : subsys->parent_obj.id; + + snprintf((char *)subsys->subnqn, sizeof(subsys->subnqn), + "nqn.2019-08.org.qemu:%s", nqn); +} + +static void nvme_subsys_realize(DeviceState *dev, Error **errp) +{ + NvmeSubsystem *subsys = NVME_SUBSYS(dev); + + nvme_subsys_setup(subsys); +} + +static Property nvme_subsystem_props[] = { + DEFINE_PROP_STRING("nqn", NvmeSubsystem, params.nqn), + DEFINE_PROP_END_OF_LIST(), +}; + +static void nvme_subsys_class_init(ObjectClass *oc, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(oc); + + set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); + + dc->realize = nvme_subsys_realize; + dc->desc = "Virtual NVMe subsystem"; + + device_class_set_props(dc, nvme_subsystem_props); +} + +static const TypeInfo nvme_subsys_info = { + .name = TYPE_NVME_SUBSYS, + .parent = TYPE_DEVICE, + .class_init = nvme_subsys_class_init, + .instance_size = sizeof(NvmeSubsystem), +}; + +static void nvme_subsys_register_types(void) +{ + type_register_static(&nvme_subsys_info); +} + +type_init(nvme_subsys_register_types) diff --git a/hw/block/nvme-subsys.h b/hw/block/nvme-subsys.h new file mode 100644 index 0000000000..fb66ae752a --- /dev/null +++ b/hw/block/nvme-subsys.h @@ -0,0 +1,60 @@ +/* + * QEMU NVM Express Subsystem: nvme-subsys + * + * Copyright (c) 2021 Minwoo Im <minwoo.im.dev@gmail.com> + * + * This code is licensed under the GNU GPL v2. Refer COPYING. + */ + +#ifndef NVME_SUBSYS_H +#define NVME_SUBSYS_H + +#define TYPE_NVME_SUBSYS "nvme-subsys" +#define NVME_SUBSYS(obj) \ + OBJECT_CHECK(NvmeSubsystem, (obj), TYPE_NVME_SUBSYS) + +#define NVME_SUBSYS_MAX_CTRLS 32 +#define NVME_SUBSYS_MAX_NAMESPACES 256 + +typedef struct NvmeCtrl NvmeCtrl; +typedef struct NvmeNamespace NvmeNamespace; +typedef struct NvmeSubsystem { + DeviceState parent_obj; + uint8_t subnqn[256]; + + NvmeCtrl *ctrls[NVME_SUBSYS_MAX_CTRLS]; + /* Allocated namespaces for this subsystem */ + NvmeNamespace *namespaces[NVME_SUBSYS_MAX_NAMESPACES + 1]; + + struct { + char *nqn; + } params; +} NvmeSubsystem; + +int nvme_subsys_register_ctrl(NvmeCtrl *n, Error **errp); +int nvme_subsys_register_ns(NvmeNamespace *ns, Error **errp); + +static inline NvmeCtrl *nvme_subsys_ctrl(NvmeSubsystem *subsys, + uint32_t cntlid) +{ + if (!subsys) { + return NULL; + } + + return subsys->ctrls[cntlid]; +} + +/* + * Return allocated namespace of the specified nsid in the subsystem. + */ +static inline NvmeNamespace *nvme_subsys_ns(NvmeSubsystem *subsys, + uint32_t nsid) +{ + if (!subsys) { + return NULL; + } + + return subsys->namespaces[nsid]; +} + +#endif /* NVME_SUBSYS_H */ diff --git a/hw/block/nvme.c b/hw/block/nvme.c index fb83636abd..d439e44db8 100644 --- a/hw/block/nvme.c +++ b/hw/block/nvme.c @@ -17,14 +17,17 @@ /** * Usage: add options: * -drive file=<file>,if=none,id=<drive_id> + * -device nvme-subsys,id=<subsys_id>,nqn=<nqn_id> * -device nvme,serial=<serial>,id=<bus_name>, \ * cmb_size_mb=<cmb_size_mb[optional]>, \ * [pmrdev=<mem_backend_file_id>,] \ * max_ioqpairs=<N[optional]>, \ - * aerl=<N[optional]>, aer_max_queued=<N[optional]>, \ - * mdts=<N[optional]>,zoned.append_size_limit=<N[optional]> \ + * aerl=<N[optional]>,aer_max_queued=<N[optional]>, \ + * mdts=<N[optional]>,zoned.zasl=<N[optional]>, \ + * subsys=<subsys_id> * -device nvme-ns,drive=<drive_id>,bus=<bus_name>,nsid=<nsid>,\ - * zoned=<true|false[optional]> + * zoned=<true|false[optional]>, \ + * subsys=<subsys_id>,detached=<true|false[optional]> * * Note cmb_size_mb denotes size of CMB in MB. CMB is assumed to be at * offset 0 in BAR2 and supports only WDS, RDS and SQS for now. By default, the @@ -38,9 +41,27 @@ * * The PMR will use BAR 4/5 exclusively. * + * To place controller(s) and namespace(s) to a subsystem, then provide + * nvme-subsys device as above. + * + * nvme subsystem device parameters + * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + * - `nqn` + * This parameter provides the `<nqn_id>` part of the string + * `nqn.2019-08.org.qemu:<nqn_id>` which will be reported in the SUBNQN field + * of subsystem controllers. Note that `<nqn_id>` should be unique per + * subsystem, but this is not enforced by QEMU. If not specified, it will + * default to the value of the `id` parameter (`<subsys_id>`). * * nvme device parameters * ~~~~~~~~~~~~~~~~~~~~~~ + * - `subsys` + * Specifying this parameter attaches the controller to the subsystem and + * the SUBNQN field in the controller will report the NQN of the subsystem + * device. This also enables multi controller capability represented in + * Identify Controller data structure in CMIC (Controller Multi-path I/O and + * Namesapce Sharing Capabilities). + * * - `aerl` * The Asynchronous Event Request Limit (AERL). Indicates the maximum number * of concurrently outstanding Asynchronous Event Request commands support @@ -51,13 +72,31 @@ * completion when there are no outstanding AERs. When the maximum number of * enqueued events are reached, subsequent events will be dropped. * - * - `zoned.append_size_limit` - * The maximum I/O size in bytes that is allowed in Zone Append command. - * The default is 128KiB. Since internally this this value is maintained as - * ZASL = log2(<maximum append size> / <page size>), some values assigned - * to this property may be rounded down and result in a lower maximum ZA - * data size being in effect. By setting this property to 0, users can make - * ZASL to be equal to MDTS. This property only affects zoned namespaces. + * - `mdts` + * Indicates the maximum data transfer size for a command that transfers data + * between host-accessible memory and the controller. The value is specified + * as a power of two (2^n) and is in units of the minimum memory page size + * (CAP.MPSMIN). The default value is 7 (i.e. 512 KiB). + * + * - `zoned.zasl` + * Indicates the maximum data transfer size for the Zone Append command. Like + * `mdts`, the value is specified as a power of two (2^n) and is in units of + * the minimum memory page size (CAP.MPSMIN). The default value is 0 (i.e. + * defaulting to the value of `mdts`). + * + * nvme namespace device parameters + * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + * - `subsys` + * If given, the namespace will be attached to all controllers in the + * subsystem. Otherwise, `bus` must be given to attach this namespace to a + * specific controller as a non-shared namespace. + * + * - `detached` + * This parameter is only valid together with the `subsys` parameter. If left + * at the default value (`false/off`), the namespace will be attached to all + * controllers in the NVMe subsystem at boot-up. If set to `true/on`, the + * namespace will be be available in the subsystem not not attached to any + * controllers. * * Setting `zoned` to true selects Zoned Command Set at the namespace. * In this case, the following namespace properties are available to configure @@ -157,6 +196,7 @@ static const uint32_t nvme_cse_acs[256] = { [NVME_ADM_CMD_SET_FEATURES] = NVME_CMD_EFF_CSUPP, [NVME_ADM_CMD_GET_FEATURES] = NVME_CMD_EFF_CSUPP, [NVME_ADM_CMD_ASYNC_EV_REQ] = NVME_CMD_EFF_CSUPP, + [NVME_ADM_CMD_NS_ATTACHMENT] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_NIC, }; static const uint32_t nvme_cse_iocs_none[256]; @@ -167,6 +207,7 @@ static const uint32_t nvme_cse_iocs_nvm[256] = { [NVME_CMD_WRITE] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, [NVME_CMD_READ] = NVME_CMD_EFF_CSUPP, [NVME_CMD_DSM] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, + [NVME_CMD_COPY] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, [NVME_CMD_COMPARE] = NVME_CMD_EFF_CSUPP, }; @@ -176,6 +217,7 @@ static const uint32_t nvme_cse_iocs_zoned[256] = { [NVME_CMD_WRITE] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, [NVME_CMD_READ] = NVME_CMD_EFF_CSUPP, [NVME_CMD_DSM] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, + [NVME_CMD_COPY] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, [NVME_CMD_COMPARE] = NVME_CMD_EFF_CSUPP, [NVME_CMD_ZONE_APPEND] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, [NVME_CMD_ZONE_MGMT_SEND] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, @@ -407,15 +449,31 @@ static void nvme_req_clear(NvmeRequest *req) req->status = NVME_SUCCESS; } -static void nvme_req_exit(NvmeRequest *req) +static inline void nvme_sg_init(NvmeCtrl *n, NvmeSg *sg, bool dma) { - if (req->qsg.sg) { - qemu_sglist_destroy(&req->qsg); + if (dma) { + pci_dma_sglist_init(&sg->qsg, &n->parent_obj, 0); + sg->flags = NVME_SG_DMA; + } else { + qemu_iovec_init(&sg->iov, 0); } - if (req->iov.iov) { - qemu_iovec_destroy(&req->iov); + sg->flags |= NVME_SG_ALLOC; +} + +static inline void nvme_sg_unmap(NvmeSg *sg) +{ + if (!(sg->flags & NVME_SG_ALLOC)) { + return; } + + if (sg->flags & NVME_SG_DMA) { + qemu_sglist_destroy(&sg->qsg); + } else { + qemu_iovec_destroy(&sg->iov); + } + + memset(sg, 0x0, sizeof(*sg)); } static uint16_t nvme_map_addr_cmb(NvmeCtrl *n, QEMUIOVector *iov, hwaddr addr, @@ -452,8 +510,7 @@ static uint16_t nvme_map_addr_pmr(NvmeCtrl *n, QEMUIOVector *iov, hwaddr addr, return NVME_SUCCESS; } -static uint16_t nvme_map_addr(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, - hwaddr addr, size_t len) +static uint16_t nvme_map_addr(NvmeCtrl *n, NvmeSg *sg, hwaddr addr, size_t len) { bool cmb = false, pmr = false; @@ -470,40 +527,33 @@ static uint16_t nvme_map_addr(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, } if (cmb || pmr) { - if (qsg && qsg->sg) { + if (sg->flags & NVME_SG_DMA) { return NVME_INVALID_USE_OF_CMB | NVME_DNR; } - assert(iov); - - if (!iov->iov) { - qemu_iovec_init(iov, 1); - } - if (cmb) { - return nvme_map_addr_cmb(n, iov, addr, len); + return nvme_map_addr_cmb(n, &sg->iov, addr, len); } else { - return nvme_map_addr_pmr(n, iov, addr, len); + return nvme_map_addr_pmr(n, &sg->iov, addr, len); } } - if (iov && iov->iov) { + if (!(sg->flags & NVME_SG_DMA)) { return NVME_INVALID_USE_OF_CMB | NVME_DNR; } - assert(qsg); - - if (!qsg->sg) { - pci_dma_sglist_init(qsg, &n->parent_obj, 1); - } - - qemu_sglist_add(qsg, addr, len); + qemu_sglist_add(&sg->qsg, addr, len); return NVME_SUCCESS; } -static uint16_t nvme_map_prp(NvmeCtrl *n, uint64_t prp1, uint64_t prp2, - uint32_t len, NvmeRequest *req) +static inline bool nvme_addr_is_dma(NvmeCtrl *n, hwaddr addr) +{ + return !(nvme_addr_is_cmb(n, addr) || nvme_addr_is_pmr(n, addr)); +} + +static uint16_t nvme_map_prp(NvmeCtrl *n, NvmeSg *sg, uint64_t prp1, + uint64_t prp2, uint32_t len) { hwaddr trans_len = n->page_size - (prp1 % n->page_size); trans_len = MIN(len, trans_len); @@ -511,20 +561,13 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, uint64_t prp1, uint64_t prp2, uint16_t status; int ret; - QEMUSGList *qsg = &req->qsg; - QEMUIOVector *iov = &req->iov; - trace_pci_nvme_map_prp(trans_len, len, prp1, prp2, num_prps); - if (nvme_addr_is_cmb(n, prp1) || (nvme_addr_is_pmr(n, prp1))) { - qemu_iovec_init(iov, num_prps); - } else { - pci_dma_sglist_init(qsg, &n->parent_obj, num_prps); - } + nvme_sg_init(n, sg, nvme_addr_is_dma(n, prp1)); - status = nvme_map_addr(n, qsg, iov, prp1, trans_len); + status = nvme_map_addr(n, sg, prp1, trans_len); if (status) { - return status; + goto unmap; } len -= trans_len; @@ -539,7 +582,8 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, uint64_t prp1, uint64_t prp2, ret = nvme_addr_read(n, prp2, (void *)prp_list, prp_trans); if (ret) { trace_pci_nvme_err_addr_read(prp2); - return NVME_DATA_TRAS_ERROR; + status = NVME_DATA_TRAS_ERROR; + goto unmap; } while (len != 0) { uint64_t prp_ent = le64_to_cpu(prp_list[i]); @@ -547,7 +591,8 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, uint64_t prp1, uint64_t prp2, if (i == n->max_prp_ents - 1 && len > n->page_size) { if (unlikely(prp_ent & (n->page_size - 1))) { trace_pci_nvme_err_invalid_prplist_ent(prp_ent); - return NVME_INVALID_PRP_OFFSET | NVME_DNR; + status = NVME_INVALID_PRP_OFFSET | NVME_DNR; + goto unmap; } i = 0; @@ -557,20 +602,22 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, uint64_t prp1, uint64_t prp2, prp_trans); if (ret) { trace_pci_nvme_err_addr_read(prp_ent); - return NVME_DATA_TRAS_ERROR; + status = NVME_DATA_TRAS_ERROR; + goto unmap; } prp_ent = le64_to_cpu(prp_list[i]); } if (unlikely(prp_ent & (n->page_size - 1))) { trace_pci_nvme_err_invalid_prplist_ent(prp_ent); - return NVME_INVALID_PRP_OFFSET | NVME_DNR; + status = NVME_INVALID_PRP_OFFSET | NVME_DNR; + goto unmap; } trans_len = MIN(len, n->page_size); - status = nvme_map_addr(n, qsg, iov, prp_ent, trans_len); + status = nvme_map_addr(n, sg, prp_ent, trans_len); if (status) { - return status; + goto unmap; } len -= trans_len; @@ -579,26 +626,30 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, uint64_t prp1, uint64_t prp2, } else { if (unlikely(prp2 & (n->page_size - 1))) { trace_pci_nvme_err_invalid_prp2_align(prp2); - return NVME_INVALID_PRP_OFFSET | NVME_DNR; + status = NVME_INVALID_PRP_OFFSET | NVME_DNR; + goto unmap; } - status = nvme_map_addr(n, qsg, iov, prp2, len); + status = nvme_map_addr(n, sg, prp2, len); if (status) { - return status; + goto unmap; } } } return NVME_SUCCESS; + +unmap: + nvme_sg_unmap(sg); + return status; } /* * Map 'nsgld' data descriptors from 'segment'. The function will subtract the * number of bytes mapped in len. */ -static uint16_t nvme_map_sgl_data(NvmeCtrl *n, QEMUSGList *qsg, - QEMUIOVector *iov, +static uint16_t nvme_map_sgl_data(NvmeCtrl *n, NvmeSg *sg, NvmeSglDescriptor *segment, uint64_t nsgld, - size_t *len, NvmeRequest *req) + size_t *len, NvmeCmd *cmd) { dma_addr_t addr, trans_len; uint32_t dlen; @@ -609,7 +660,7 @@ static uint16_t nvme_map_sgl_data(NvmeCtrl *n, QEMUSGList *qsg, switch (type) { case NVME_SGL_DESCR_TYPE_BIT_BUCKET: - if (req->cmd.opcode == NVME_CMD_WRITE) { + if (cmd->opcode == NVME_CMD_WRITE) { continue; } case NVME_SGL_DESCR_TYPE_DATA_BLOCK: @@ -638,7 +689,7 @@ static uint16_t nvme_map_sgl_data(NvmeCtrl *n, QEMUSGList *qsg, break; } - trace_pci_nvme_err_invalid_sgl_excess_length(nvme_cid(req)); + trace_pci_nvme_err_invalid_sgl_excess_length(dlen); return NVME_DATA_SGL_LEN_INVALID | NVME_DNR; } @@ -654,7 +705,7 @@ static uint16_t nvme_map_sgl_data(NvmeCtrl *n, QEMUSGList *qsg, return NVME_DATA_SGL_LEN_INVALID | NVME_DNR; } - status = nvme_map_addr(n, qsg, iov, addr, trans_len); + status = nvme_map_addr(n, sg, addr, trans_len); if (status) { return status; } @@ -666,9 +717,8 @@ next: return NVME_SUCCESS; } -static uint16_t nvme_map_sgl(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, - NvmeSglDescriptor sgl, size_t len, - NvmeRequest *req) +static uint16_t nvme_map_sgl(NvmeCtrl *n, NvmeSg *sg, NvmeSglDescriptor sgl, + size_t len, NvmeCmd *cmd) { /* * Read the segment in chunks of 256 descriptors (one 4k page) to avoid @@ -689,14 +739,16 @@ static uint16_t nvme_map_sgl(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, sgld = &sgl; addr = le64_to_cpu(sgl.addr); - trace_pci_nvme_map_sgl(nvme_cid(req), NVME_SGL_TYPE(sgl.type), len); + trace_pci_nvme_map_sgl(NVME_SGL_TYPE(sgl.type), len); + + nvme_sg_init(n, sg, nvme_addr_is_dma(n, addr)); /* * If the entire transfer can be described with a single data block it can * be mapped directly. */ if (NVME_SGL_TYPE(sgl.type) == NVME_SGL_DESCR_TYPE_DATA_BLOCK) { - status = nvme_map_sgl_data(n, qsg, iov, sgld, 1, &len, req); + status = nvme_map_sgl_data(n, sg, sgld, 1, &len, cmd); if (status) { goto unmap; } @@ -734,8 +786,8 @@ static uint16_t nvme_map_sgl(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, goto unmap; } - status = nvme_map_sgl_data(n, qsg, iov, segment, SEG_CHUNK_SIZE, - &len, req); + status = nvme_map_sgl_data(n, sg, segment, SEG_CHUNK_SIZE, + &len, cmd); if (status) { goto unmap; } @@ -761,7 +813,7 @@ static uint16_t nvme_map_sgl(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, switch (NVME_SGL_TYPE(last_sgld->type)) { case NVME_SGL_DESCR_TYPE_DATA_BLOCK: case NVME_SGL_DESCR_TYPE_BIT_BUCKET: - status = nvme_map_sgl_data(n, qsg, iov, segment, nsgld, &len, req); + status = nvme_map_sgl_data(n, sg, segment, nsgld, &len, cmd); if (status) { goto unmap; } @@ -788,7 +840,7 @@ static uint16_t nvme_map_sgl(NvmeCtrl *n, QEMUSGList *qsg, QEMUIOVector *iov, * Do not map the last descriptor; it will be a Segment or Last Segment * descriptor and is handled by the next iteration. */ - status = nvme_map_sgl_data(n, qsg, iov, segment, nsgld - 1, &len, req); + status = nvme_map_sgl_data(n, sg, segment, nsgld - 1, &len, cmd); if (status) { goto unmap; } @@ -804,83 +856,120 @@ out: return NVME_SUCCESS; unmap: - if (iov->iov) { - qemu_iovec_destroy(iov); - } - - if (qsg->sg) { - qemu_sglist_destroy(qsg); - } - + nvme_sg_unmap(sg); return status; } -static uint16_t nvme_map_dptr(NvmeCtrl *n, size_t len, NvmeRequest *req) +static uint16_t nvme_map_dptr(NvmeCtrl *n, NvmeSg *sg, size_t len, + NvmeCmd *cmd) { uint64_t prp1, prp2; - switch (NVME_CMD_FLAGS_PSDT(req->cmd.flags)) { + switch (NVME_CMD_FLAGS_PSDT(cmd->flags)) { case NVME_PSDT_PRP: - prp1 = le64_to_cpu(req->cmd.dptr.prp1); - prp2 = le64_to_cpu(req->cmd.dptr.prp2); + prp1 = le64_to_cpu(cmd->dptr.prp1); + prp2 = le64_to_cpu(cmd->dptr.prp2); - return nvme_map_prp(n, prp1, prp2, len, req); + return nvme_map_prp(n, sg, prp1, prp2, len); case NVME_PSDT_SGL_MPTR_CONTIGUOUS: case NVME_PSDT_SGL_MPTR_SGL: - /* SGLs shall not be used for Admin commands in NVMe over PCIe */ - if (!req->sq->sqid) { - return NVME_INVALID_FIELD | NVME_DNR; - } - - return nvme_map_sgl(n, &req->qsg, &req->iov, req->cmd.dptr.sgl, len, - req); + return nvme_map_sgl(n, sg, cmd->dptr.sgl, len, cmd); default: return NVME_INVALID_FIELD; } } -static uint16_t nvme_dma(NvmeCtrl *n, uint8_t *ptr, uint32_t len, - DMADirection dir, NvmeRequest *req) -{ - uint16_t status = NVME_SUCCESS; +typedef enum NvmeTxDirection { + NVME_TX_DIRECTION_TO_DEVICE = 0, + NVME_TX_DIRECTION_FROM_DEVICE = 1, +} NvmeTxDirection; - status = nvme_map_dptr(n, len, req); - if (status) { - return status; - } - - /* assert that only one of qsg and iov carries data */ - assert((req->qsg.nsg > 0) != (req->iov.niov > 0)); +static uint16_t nvme_tx(NvmeCtrl *n, NvmeSg *sg, uint8_t *ptr, uint32_t len, + NvmeTxDirection dir) +{ + assert(sg->flags & NVME_SG_ALLOC); - if (req->qsg.nsg > 0) { + if (sg->flags & NVME_SG_DMA) { uint64_t residual; - if (dir == DMA_DIRECTION_TO_DEVICE) { - residual = dma_buf_write(ptr, len, &req->qsg); + if (dir == NVME_TX_DIRECTION_TO_DEVICE) { + residual = dma_buf_write(ptr, len, &sg->qsg); } else { - residual = dma_buf_read(ptr, len, &req->qsg); + residual = dma_buf_read(ptr, len, &sg->qsg); } if (unlikely(residual)) { trace_pci_nvme_err_invalid_dma(); - status = NVME_INVALID_FIELD | NVME_DNR; + return NVME_INVALID_FIELD | NVME_DNR; } } else { size_t bytes; - if (dir == DMA_DIRECTION_TO_DEVICE) { - bytes = qemu_iovec_to_buf(&req->iov, 0, ptr, len); + if (dir == NVME_TX_DIRECTION_TO_DEVICE) { + bytes = qemu_iovec_to_buf(&sg->iov, 0, ptr, len); } else { - bytes = qemu_iovec_from_buf(&req->iov, 0, ptr, len); + bytes = qemu_iovec_from_buf(&sg->iov, 0, ptr, len); } if (unlikely(bytes != len)) { trace_pci_nvme_err_invalid_dma(); - status = NVME_INVALID_FIELD | NVME_DNR; + return NVME_INVALID_FIELD | NVME_DNR; } } - return status; + return NVME_SUCCESS; +} + +static inline uint16_t nvme_c2h(NvmeCtrl *n, uint8_t *ptr, uint32_t len, + NvmeRequest *req) +{ + uint16_t status; + + status = nvme_map_dptr(n, &req->sg, len, &req->cmd); + if (status) { + return status; + } + + return nvme_tx(n, &req->sg, ptr, len, NVME_TX_DIRECTION_FROM_DEVICE); +} + +static inline uint16_t nvme_h2c(NvmeCtrl *n, uint8_t *ptr, uint32_t len, + NvmeRequest *req) +{ + uint16_t status; + + status = nvme_map_dptr(n, &req->sg, len, &req->cmd); + if (status) { + return status; + } + + return nvme_tx(n, &req->sg, ptr, len, NVME_TX_DIRECTION_TO_DEVICE); +} + +static inline void nvme_blk_read(BlockBackend *blk, int64_t offset, + BlockCompletionFunc *cb, NvmeRequest *req) +{ + assert(req->sg.flags & NVME_SG_ALLOC); + + if (req->sg.flags & NVME_SG_DMA) { + req->aiocb = dma_blk_read(blk, &req->sg.qsg, offset, BDRV_SECTOR_SIZE, + cb, req); + } else { + req->aiocb = blk_aio_preadv(blk, offset, &req->sg.iov, 0, cb, req); + } +} + +static inline void nvme_blk_write(BlockBackend *blk, int64_t offset, + BlockCompletionFunc *cb, NvmeRequest *req) +{ + assert(req->sg.flags & NVME_SG_ALLOC); + + if (req->sg.flags & NVME_SG_DMA) { + req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, BDRV_SECTOR_SIZE, + cb, req); + } else { + req->aiocb = blk_aio_pwritev(blk, offset, &req->sg.iov, 0, cb, req); + } } static void nvme_post_cqes(void *opaque) @@ -913,7 +1002,7 @@ static void nvme_post_cqes(void *opaque) } QTAILQ_REMOVE(&cq->req_list, req, entry); nvme_inc_cq_tail(cq); - nvme_req_exit(req); + nvme_sg_unmap(&req->sg); QTAILQ_INSERT_TAIL(&sq->req_list, req, entry); } if (cq->tail != cq->head) { @@ -1048,6 +1137,7 @@ static inline uint16_t nvme_check_mdts(NvmeCtrl *n, size_t len) uint8_t mdts = n->params.mdts; if (mdts && len > n->page_size << mdts) { + trace_pci_nvme_err_mdts(len); return NVME_INVALID_FIELD | NVME_DNR; } @@ -1129,7 +1219,7 @@ static void nvme_aio_err(NvmeRequest *req, int ret) break; } - trace_pci_nvme_err_aio(nvme_cid(req), strerror(ret), status); + trace_pci_nvme_err_aio(nvme_cid(req), strerror(-ret), status); error_setg_errno(&local_err, -ret, "aio failed"); error_report_err(local_err); @@ -1185,9 +1275,8 @@ static uint16_t nvme_check_zone_state_for_write(NvmeZone *zone) return NVME_INTERNAL_DEV_ERROR; } -static uint16_t nvme_check_zone_write(NvmeCtrl *n, NvmeNamespace *ns, - NvmeZone *zone, uint64_t slba, - uint32_t nlb) +static uint16_t nvme_check_zone_write(NvmeNamespace *ns, NvmeZone *zone, + uint64_t slba, uint32_t nlb) { uint64_t zcap = nvme_zone_wr_boundary(zone); uint16_t status; @@ -1212,8 +1301,6 @@ static uint16_t nvme_check_zone_write(NvmeCtrl *n, NvmeNamespace *ns, static uint16_t nvme_check_zone_state_for_read(NvmeZone *zone) { - uint16_t status; - switch (nvme_get_zone_state(zone)) { case NVME_ZONE_STATE_EMPTY: case NVME_ZONE_STATE_IMPLICITLY_OPEN: @@ -1221,16 +1308,15 @@ static uint16_t nvme_check_zone_state_for_read(NvmeZone *zone) case NVME_ZONE_STATE_FULL: case NVME_ZONE_STATE_CLOSED: case NVME_ZONE_STATE_READ_ONLY: - status = NVME_SUCCESS; - break; + return NVME_SUCCESS; case NVME_ZONE_STATE_OFFLINE: - status = NVME_ZONE_OFFLINE; - break; + trace_pci_nvme_err_zone_is_offline(zone->d.zslba); + return NVME_ZONE_OFFLINE; default: assert(false); } - return status; + return NVME_INTERNAL_DEV_ERROR; } static uint16_t nvme_check_zone_read(NvmeNamespace *ns, uint64_t slba, @@ -1265,7 +1351,45 @@ static uint16_t nvme_check_zone_read(NvmeNamespace *ns, uint64_t slba, return status; } -static void nvme_auto_transition_zone(NvmeNamespace *ns) +static uint16_t nvme_zrm_finish(NvmeNamespace *ns, NvmeZone *zone) +{ + switch (nvme_get_zone_state(zone)) { + case NVME_ZONE_STATE_FULL: + return NVME_SUCCESS; + + case NVME_ZONE_STATE_IMPLICITLY_OPEN: + case NVME_ZONE_STATE_EXPLICITLY_OPEN: + nvme_aor_dec_open(ns); + /* fallthrough */ + case NVME_ZONE_STATE_CLOSED: + nvme_aor_dec_active(ns); + /* fallthrough */ + case NVME_ZONE_STATE_EMPTY: + nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_FULL); + return NVME_SUCCESS; + + default: + return NVME_ZONE_INVAL_TRANSITION; + } +} + +static uint16_t nvme_zrm_close(NvmeNamespace *ns, NvmeZone *zone) +{ + switch (nvme_get_zone_state(zone)) { + case NVME_ZONE_STATE_EXPLICITLY_OPEN: + case NVME_ZONE_STATE_IMPLICITLY_OPEN: + nvme_aor_dec_open(ns); + nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_CLOSED); + /* fall through */ + case NVME_ZONE_STATE_CLOSED: + return NVME_SUCCESS; + + default: + return NVME_ZONE_INVAL_TRANSITION; + } +} + +static void nvme_zrm_auto_transition_zone(NvmeNamespace *ns) { NvmeZone *zone; @@ -1277,85 +1401,92 @@ static void nvme_auto_transition_zone(NvmeNamespace *ns) * Automatically close this implicitly open zone. */ QTAILQ_REMOVE(&ns->imp_open_zones, zone, entry); - nvme_aor_dec_open(ns); - nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_CLOSED); + nvme_zrm_close(ns, zone); } } } -static uint16_t nvme_auto_open_zone(NvmeNamespace *ns, NvmeZone *zone) +static uint16_t __nvme_zrm_open(NvmeNamespace *ns, NvmeZone *zone, + bool implicit) { - uint16_t status = NVME_SUCCESS; - uint8_t zs = nvme_get_zone_state(zone); + int act = 0; + uint16_t status; - if (zs == NVME_ZONE_STATE_EMPTY) { - nvme_auto_transition_zone(ns); - status = nvme_aor_check(ns, 1, 1); - } else if (zs == NVME_ZONE_STATE_CLOSED) { - nvme_auto_transition_zone(ns); - status = nvme_aor_check(ns, 0, 1); - } + switch (nvme_get_zone_state(zone)) { + case NVME_ZONE_STATE_EMPTY: + act = 1; - return status; + /* fallthrough */ + + case NVME_ZONE_STATE_CLOSED: + nvme_zrm_auto_transition_zone(ns); + status = nvme_aor_check(ns, act, 1); + if (status) { + return status; + } + + if (act) { + nvme_aor_inc_active(ns); + } + + nvme_aor_inc_open(ns); + + if (implicit) { + nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_IMPLICITLY_OPEN); + return NVME_SUCCESS; + } + + /* fallthrough */ + + case NVME_ZONE_STATE_IMPLICITLY_OPEN: + if (implicit) { + return NVME_SUCCESS; + } + + nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_EXPLICITLY_OPEN); + + /* fallthrough */ + + case NVME_ZONE_STATE_EXPLICITLY_OPEN: + return NVME_SUCCESS; + + default: + return NVME_ZONE_INVAL_TRANSITION; + } } -static void nvme_finalize_zoned_write(NvmeNamespace *ns, NvmeRequest *req, - bool failed) +static inline uint16_t nvme_zrm_auto(NvmeNamespace *ns, NvmeZone *zone) { - NvmeRwCmd *rw = (NvmeRwCmd *)&req->cmd; - NvmeZone *zone; - NvmeZonedResult *res = (NvmeZonedResult *)&req->cqe; - uint64_t slba; - uint32_t nlb; + return __nvme_zrm_open(ns, zone, true); +} - slba = le64_to_cpu(rw->slba); - nlb = le16_to_cpu(rw->nlb) + 1; - zone = nvme_get_zone_by_slba(ns, slba); +static inline uint16_t nvme_zrm_open(NvmeNamespace *ns, NvmeZone *zone) +{ + return __nvme_zrm_open(ns, zone, false); +} +static void __nvme_advance_zone_wp(NvmeNamespace *ns, NvmeZone *zone, + uint32_t nlb) +{ zone->d.wp += nlb; - if (failed) { - res->slba = 0; - } - if (zone->d.wp == nvme_zone_wr_boundary(zone)) { - switch (nvme_get_zone_state(zone)) { - case NVME_ZONE_STATE_IMPLICITLY_OPEN: - case NVME_ZONE_STATE_EXPLICITLY_OPEN: - nvme_aor_dec_open(ns); - /* fall through */ - case NVME_ZONE_STATE_CLOSED: - nvme_aor_dec_active(ns); - /* fall through */ - case NVME_ZONE_STATE_EMPTY: - nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_FULL); - /* fall through */ - case NVME_ZONE_STATE_FULL: - break; - default: - assert(false); - } + nvme_zrm_finish(ns, zone); } } -static void nvme_advance_zone_wp(NvmeNamespace *ns, NvmeZone *zone, - uint32_t nlb) +static void nvme_finalize_zoned_write(NvmeNamespace *ns, NvmeRequest *req) { - uint8_t zs; + NvmeRwCmd *rw = (NvmeRwCmd *)&req->cmd; + NvmeZone *zone; + uint64_t slba; + uint32_t nlb; - zone->w_ptr += nlb; + slba = le64_to_cpu(rw->slba); + nlb = le16_to_cpu(rw->nlb) + 1; + zone = nvme_get_zone_by_slba(ns, slba); - if (zone->w_ptr < nvme_zone_wr_boundary(zone)) { - zs = nvme_get_zone_state(zone); - switch (zs) { - case NVME_ZONE_STATE_EMPTY: - nvme_aor_inc_active(ns); - /* fall through */ - case NVME_ZONE_STATE_CLOSED: - nvme_aor_inc_open(ns); - nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_IMPLICITLY_OPEN); - } - } + __nvme_advance_zone_wp(ns, zone, nlb); } static inline bool nvme_is_write(NvmeRequest *req) @@ -1379,9 +1510,37 @@ static void nvme_rw_cb(void *opaque, int ret) trace_pci_nvme_rw_cb(nvme_cid(req), blk_name(blk)); if (ns->params.zoned && nvme_is_write(req)) { - nvme_finalize_zoned_write(ns, req, ret != 0); + nvme_finalize_zoned_write(ns, req); + } + + if (!ret) { + block_acct_done(stats, acct); + } else { + block_acct_failed(stats, acct); + nvme_aio_err(req, ret); } + nvme_enqueue_req_completion(nvme_cq(req), req); +} + +struct nvme_aio_flush_ctx { + NvmeRequest *req; + NvmeNamespace *ns; + BlockAcctCookie acct; +}; + +static void nvme_aio_flush_cb(void *opaque, int ret) +{ + struct nvme_aio_flush_ctx *ctx = opaque; + NvmeRequest *req = ctx->req; + uintptr_t *num_flushes = (uintptr_t *)&req->opaque; + + BlockBackend *blk = ctx->ns->blkconf.blk; + BlockAcctCookie *acct = &ctx->acct; + BlockAcctStats *stats = blk_get_stats(blk); + + trace_pci_nvme_aio_flush_cb(nvme_cid(req), blk_name(blk)); + if (!ret) { block_acct_done(stats, acct); } else { @@ -1389,6 +1548,13 @@ static void nvme_rw_cb(void *opaque, int ret) nvme_aio_err(req, ret); } + (*num_flushes)--; + g_free(ctx); + + if (*num_flushes) { + return; + } + nvme_enqueue_req_completion(nvme_cq(req), req); } @@ -1459,10 +1625,139 @@ static void nvme_aio_zone_reset_cb(void *opaque, int ret) nvme_enqueue_req_completion(nvme_cq(req), req); } +struct nvme_copy_ctx { + int copies; + uint8_t *bounce; + uint32_t nlb; +}; + +struct nvme_copy_in_ctx { + NvmeRequest *req; + QEMUIOVector iov; +}; + +static void nvme_copy_cb(void *opaque, int ret) +{ + NvmeRequest *req = opaque; + NvmeNamespace *ns = req->ns; + struct nvme_copy_ctx *ctx = req->opaque; + + trace_pci_nvme_copy_cb(nvme_cid(req)); + + if (ns->params.zoned) { + NvmeCopyCmd *copy = (NvmeCopyCmd *)&req->cmd; + uint64_t sdlba = le64_to_cpu(copy->sdlba); + NvmeZone *zone = nvme_get_zone_by_slba(ns, sdlba); + + __nvme_advance_zone_wp(ns, zone, ctx->nlb); + } + + if (!ret) { + block_acct_done(blk_get_stats(ns->blkconf.blk), &req->acct); + } else { + block_acct_failed(blk_get_stats(ns->blkconf.blk), &req->acct); + nvme_aio_err(req, ret); + } + + g_free(ctx->bounce); + g_free(ctx); + + nvme_enqueue_req_completion(nvme_cq(req), req); +} + +static void nvme_copy_in_complete(NvmeRequest *req) +{ + NvmeNamespace *ns = req->ns; + NvmeCopyCmd *copy = (NvmeCopyCmd *)&req->cmd; + struct nvme_copy_ctx *ctx = req->opaque; + uint64_t sdlba = le64_to_cpu(copy->sdlba); + uint16_t status; + + trace_pci_nvme_copy_in_complete(nvme_cid(req)); + + block_acct_done(blk_get_stats(ns->blkconf.blk), &req->acct); + + status = nvme_check_bounds(ns, sdlba, ctx->nlb); + if (status) { + trace_pci_nvme_err_invalid_lba_range(sdlba, ctx->nlb, ns->id_ns.nsze); + goto invalid; + } + + if (ns->params.zoned) { + NvmeZone *zone = nvme_get_zone_by_slba(ns, sdlba); + + status = nvme_check_zone_write(ns, zone, sdlba, ctx->nlb); + if (status) { + goto invalid; + } + + status = nvme_zrm_auto(ns, zone); + if (status) { + goto invalid; + } + + zone->w_ptr += ctx->nlb; + } + + qemu_iovec_init(&req->sg.iov, 1); + qemu_iovec_add(&req->sg.iov, ctx->bounce, nvme_l2b(ns, ctx->nlb)); + + block_acct_start(blk_get_stats(ns->blkconf.blk), &req->acct, 0, + BLOCK_ACCT_WRITE); + + req->aiocb = blk_aio_pwritev(ns->blkconf.blk, nvme_l2b(ns, sdlba), + &req->sg.iov, 0, nvme_copy_cb, req); + + return; + +invalid: + req->status = status; + + g_free(ctx->bounce); + g_free(ctx); + + nvme_enqueue_req_completion(nvme_cq(req), req); +} + +static void nvme_aio_copy_in_cb(void *opaque, int ret) +{ + struct nvme_copy_in_ctx *in_ctx = opaque; + NvmeRequest *req = in_ctx->req; + NvmeNamespace *ns = req->ns; + struct nvme_copy_ctx *ctx = req->opaque; + + qemu_iovec_destroy(&in_ctx->iov); + g_free(in_ctx); + + trace_pci_nvme_aio_copy_in_cb(nvme_cid(req)); + + if (ret) { + nvme_aio_err(req, ret); + } + + ctx->copies--; + + if (ctx->copies) { + return; + } + + if (req->status) { + block_acct_failed(blk_get_stats(ns->blkconf.blk), &req->acct); + + g_free(ctx->bounce); + g_free(ctx); + + nvme_enqueue_req_completion(nvme_cq(req), req); + + return; + } + + nvme_copy_in_complete(req); +} + struct nvme_compare_ctx { QEMUIOVector iov; uint8_t *bounce; - size_t len; }; static void nvme_compare_cb(void *opaque, int ret) @@ -1483,16 +1778,15 @@ static void nvme_compare_cb(void *opaque, int ret) goto out; } - buf = g_malloc(ctx->len); + buf = g_malloc(ctx->iov.size); - status = nvme_dma(nvme_ctrl(req), buf, ctx->len, DMA_DIRECTION_TO_DEVICE, - req); + status = nvme_h2c(nvme_ctrl(req), buf, ctx->iov.size, req); if (status) { req->status = status; goto out; } - if (memcmp(buf, ctx->bounce, ctx->len)) { + if (memcmp(buf, ctx->bounce, ctx->iov.size)) { req->status = NVME_CMP_FAILURE; } @@ -1522,8 +1816,7 @@ static uint16_t nvme_dsm(NvmeCtrl *n, NvmeRequest *req) NvmeDsmRange range[nr]; uintptr_t *discards = (uintptr_t *)&req->opaque; - status = nvme_dma(n, (uint8_t *)range, sizeof(range), - DMA_DIRECTION_TO_DEVICE, req); + status = nvme_h2c(n, (uint8_t *)range, sizeof(range), req); if (status) { return status; } @@ -1548,6 +1841,10 @@ static uint16_t nvme_dsm(NvmeCtrl *n, NvmeRequest *req) trace_pci_nvme_dsm_deallocate(nvme_cid(req), nvme_nsid(ns), slba, nlb); + if (nlb > n->dmrsl) { + trace_pci_nvme_dsm_single_range_limit_exceeded(nlb, n->dmrsl); + } + offset = nvme_l2b(ns, slba); len = nvme_l2b(ns, nlb); @@ -1577,6 +1874,121 @@ static uint16_t nvme_dsm(NvmeCtrl *n, NvmeRequest *req) return status; } +static uint16_t nvme_copy(NvmeCtrl *n, NvmeRequest *req) +{ + NvmeNamespace *ns = req->ns; + NvmeCopyCmd *copy = (NvmeCopyCmd *)&req->cmd; + g_autofree NvmeCopySourceRange *range = NULL; + + uint16_t nr = copy->nr + 1; + uint8_t format = copy->control[0] & 0xf; + uint32_t nlb = 0; + + uint8_t *bounce = NULL, *bouncep = NULL; + struct nvme_copy_ctx *ctx; + uint16_t status; + int i; + + trace_pci_nvme_copy(nvme_cid(req), nvme_nsid(ns), nr, format); + + if (!(n->id_ctrl.ocfs & (1 << format))) { + trace_pci_nvme_err_copy_invalid_format(format); + return NVME_INVALID_FIELD | NVME_DNR; + } + + if (nr > ns->id_ns.msrc + 1) { + return NVME_CMD_SIZE_LIMIT | NVME_DNR; + } + + range = g_new(NvmeCopySourceRange, nr); + + status = nvme_h2c(n, (uint8_t *)range, nr * sizeof(NvmeCopySourceRange), + req); + if (status) { + return status; + } + + for (i = 0; i < nr; i++) { + uint64_t slba = le64_to_cpu(range[i].slba); + uint32_t _nlb = le16_to_cpu(range[i].nlb) + 1; + + if (_nlb > le16_to_cpu(ns->id_ns.mssrl)) { + return NVME_CMD_SIZE_LIMIT | NVME_DNR; + } + + status = nvme_check_bounds(ns, slba, _nlb); + if (status) { + trace_pci_nvme_err_invalid_lba_range(slba, _nlb, ns->id_ns.nsze); + return status; + } + + if (NVME_ERR_REC_DULBE(ns->features.err_rec)) { + status = nvme_check_dulbe(ns, slba, _nlb); + if (status) { + return status; + } + } + + if (ns->params.zoned) { + status = nvme_check_zone_read(ns, slba, _nlb); + if (status) { + return status; + } + } + + nlb += _nlb; + } + + if (nlb > le32_to_cpu(ns->id_ns.mcl)) { + return NVME_CMD_SIZE_LIMIT | NVME_DNR; + } + + bounce = bouncep = g_malloc(nvme_l2b(ns, nlb)); + + block_acct_start(blk_get_stats(ns->blkconf.blk), &req->acct, 0, + BLOCK_ACCT_READ); + + ctx = g_new(struct nvme_copy_ctx, 1); + + ctx->bounce = bounce; + ctx->nlb = nlb; + ctx->copies = 1; + + req->opaque = ctx; + + for (i = 0; i < nr; i++) { + uint64_t slba = le64_to_cpu(range[i].slba); + uint32_t nlb = le16_to_cpu(range[i].nlb) + 1; + + size_t len = nvme_l2b(ns, nlb); + int64_t offset = nvme_l2b(ns, slba); + + trace_pci_nvme_copy_source_range(slba, nlb); + + struct nvme_copy_in_ctx *in_ctx = g_new(struct nvme_copy_in_ctx, 1); + in_ctx->req = req; + + qemu_iovec_init(&in_ctx->iov, 1); + qemu_iovec_add(&in_ctx->iov, bouncep, len); + + ctx->copies++; + + blk_aio_preadv(ns->blkconf.blk, offset, &in_ctx->iov, 0, + nvme_aio_copy_in_cb, in_ctx); + + bouncep += len; + } + + /* account for the 1-initialization */ + ctx->copies--; + + if (!ctx->copies) { + nvme_copy_in_complete(req); + } + + return NVME_NO_COMPLETE; +} + static uint16_t nvme_compare(NvmeCtrl *n, NvmeRequest *req) { NvmeRwCmd *rw = (NvmeRwCmd *)&req->cmd; @@ -1594,7 +2006,6 @@ static uint16_t nvme_compare(NvmeCtrl *n, NvmeRequest *req) status = nvme_check_mdts(n, len); if (status) { - trace_pci_nvme_err_mdts(nvme_cid(req), len); return status; } @@ -1615,7 +2026,6 @@ static uint16_t nvme_compare(NvmeCtrl *n, NvmeRequest *req) ctx = g_new(struct nvme_compare_ctx, 1); ctx->bounce = bounce; - ctx->len = len; req->opaque = ctx; @@ -1630,10 +2040,56 @@ static uint16_t nvme_compare(NvmeCtrl *n, NvmeRequest *req) static uint16_t nvme_flush(NvmeCtrl *n, NvmeRequest *req) { - block_acct_start(blk_get_stats(req->ns->blkconf.blk), &req->acct, 0, - BLOCK_ACCT_FLUSH); - req->aiocb = blk_aio_flush(req->ns->blkconf.blk, nvme_rw_cb, req); - return NVME_NO_COMPLETE; + uint32_t nsid = le32_to_cpu(req->cmd.nsid); + uintptr_t *num_flushes = (uintptr_t *)&req->opaque; + uint16_t status; + struct nvme_aio_flush_ctx *ctx; + NvmeNamespace *ns; + + trace_pci_nvme_flush(nvme_cid(req), nsid); + + if (nsid != NVME_NSID_BROADCAST) { + req->ns = nvme_ns(n, nsid); + if (unlikely(!req->ns)) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + block_acct_start(blk_get_stats(req->ns->blkconf.blk), &req->acct, 0, + BLOCK_ACCT_FLUSH); + req->aiocb = blk_aio_flush(req->ns->blkconf.blk, nvme_rw_cb, req); + return NVME_NO_COMPLETE; + } + + /* 1-initialize; see comment in nvme_dsm */ + *num_flushes = 1; + + for (int i = 1; i <= n->num_namespaces; i++) { + ns = nvme_ns(n, i); + if (!ns) { + continue; + } + + ctx = g_new(struct nvme_aio_flush_ctx, 1); + ctx->req = req; + ctx->ns = ns; + + (*num_flushes)++; + + block_acct_start(blk_get_stats(ns->blkconf.blk), &ctx->acct, 0, + BLOCK_ACCT_FLUSH); + blk_aio_flush(ns->blkconf.blk, nvme_aio_flush_cb, ctx); + } + + /* account for the 1-initialization */ + (*num_flushes)--; + + if (*num_flushes) { + status = NVME_NO_COMPLETE; + } else { + status = req->status; + } + + return status; } static uint16_t nvme_read(NvmeCtrl *n, NvmeRequest *req) @@ -1651,7 +2107,6 @@ static uint16_t nvme_read(NvmeCtrl *n, NvmeRequest *req) status = nvme_check_mdts(n, data_size); if (status) { - trace_pci_nvme_err_mdts(nvme_cid(req), data_size); goto invalid; } @@ -1669,7 +2124,7 @@ static uint16_t nvme_read(NvmeCtrl *n, NvmeRequest *req) } } - status = nvme_map_dptr(n, data_size, req); + status = nvme_map_dptr(n, &req->sg, data_size, &req->cmd); if (status) { goto invalid; } @@ -1685,13 +2140,7 @@ static uint16_t nvme_read(NvmeCtrl *n, NvmeRequest *req) block_acct_start(blk_get_stats(blk), &req->acct, data_size, BLOCK_ACCT_READ); - if (req->qsg.sg) { - req->aiocb = dma_blk_read(blk, &req->qsg, data_offset, - BDRV_SECTOR_SIZE, nvme_rw_cb, req); - } else { - req->aiocb = blk_aio_preadv(blk, data_offset, &req->iov, 0, - nvme_rw_cb, req); - } + nvme_blk_read(blk, data_offset, nvme_rw_cb, req); return NVME_NO_COMPLETE; invalid: @@ -1719,7 +2168,6 @@ static uint16_t nvme_do_write(NvmeCtrl *n, NvmeRequest *req, bool append, if (!wrz) { status = nvme_check_mdts(n, data_size); if (status) { - trace_pci_nvme_err_mdts(nvme_cid(req), data_size); goto invalid; } } @@ -1740,48 +2188,40 @@ static uint16_t nvme_do_write(NvmeCtrl *n, NvmeRequest *req, bool append, goto invalid; } - if (nvme_l2b(ns, nlb) > (n->page_size << n->zasl)) { - trace_pci_nvme_err_append_too_large(slba, nlb, n->zasl); - status = NVME_INVALID_FIELD; - goto invalid; + if (n->params.zasl && data_size > n->page_size << n->params.zasl) { + trace_pci_nvme_err_zasl(data_size); + return NVME_INVALID_FIELD | NVME_DNR; } slba = zone->w_ptr; res->slba = cpu_to_le64(slba); } - status = nvme_check_zone_write(n, ns, zone, slba, nlb); + status = nvme_check_zone_write(ns, zone, slba, nlb); if (status) { goto invalid; } - status = nvme_auto_open_zone(ns, zone); + status = nvme_zrm_auto(ns, zone); if (status) { goto invalid; } - nvme_advance_zone_wp(ns, zone, nlb); + zone->w_ptr += nlb; } data_offset = nvme_l2b(ns, slba); if (!wrz) { - status = nvme_map_dptr(n, data_size, req); + status = nvme_map_dptr(n, &req->sg, data_size, &req->cmd); if (status) { goto invalid; } block_acct_start(blk_get_stats(blk), &req->acct, data_size, BLOCK_ACCT_WRITE); - if (req->qsg.sg) { - req->aiocb = dma_blk_write(blk, &req->qsg, data_offset, - BDRV_SECTOR_SIZE, nvme_rw_cb, req); - } else { - req->aiocb = blk_aio_pwritev(blk, data_offset, &req->iov, 0, - nvme_rw_cb, req); - } + nvme_blk_write(blk, data_offset, nvme_rw_cb, req); } else { - block_acct_start(blk_get_stats(blk), &req->acct, 0, BLOCK_ACCT_WRITE); req->aiocb = blk_aio_pwrite_zeroes(blk, data_offset, data_size, BDRV_REQ_MAY_UNMAP, nvme_rw_cb, req); @@ -1846,73 +2286,19 @@ enum NvmeZoneProcessingMask { static uint16_t nvme_open_zone(NvmeNamespace *ns, NvmeZone *zone, NvmeZoneState state, NvmeRequest *req) { - uint16_t status; - - switch (state) { - case NVME_ZONE_STATE_EMPTY: - status = nvme_aor_check(ns, 1, 0); - if (status) { - return status; - } - nvme_aor_inc_active(ns); - /* fall through */ - case NVME_ZONE_STATE_CLOSED: - status = nvme_aor_check(ns, 0, 1); - if (status) { - if (state == NVME_ZONE_STATE_EMPTY) { - nvme_aor_dec_active(ns); - } - return status; - } - nvme_aor_inc_open(ns); - /* fall through */ - case NVME_ZONE_STATE_IMPLICITLY_OPEN: - nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_EXPLICITLY_OPEN); - /* fall through */ - case NVME_ZONE_STATE_EXPLICITLY_OPEN: - return NVME_SUCCESS; - default: - return NVME_ZONE_INVAL_TRANSITION; - } + return nvme_zrm_open(ns, zone); } static uint16_t nvme_close_zone(NvmeNamespace *ns, NvmeZone *zone, NvmeZoneState state, NvmeRequest *req) { - switch (state) { - case NVME_ZONE_STATE_EXPLICITLY_OPEN: - case NVME_ZONE_STATE_IMPLICITLY_OPEN: - nvme_aor_dec_open(ns); - nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_CLOSED); - /* fall through */ - case NVME_ZONE_STATE_CLOSED: - return NVME_SUCCESS; - default: - return NVME_ZONE_INVAL_TRANSITION; - } + return nvme_zrm_close(ns, zone); } static uint16_t nvme_finish_zone(NvmeNamespace *ns, NvmeZone *zone, NvmeZoneState state, NvmeRequest *req) { - switch (state) { - case NVME_ZONE_STATE_EXPLICITLY_OPEN: - case NVME_ZONE_STATE_IMPLICITLY_OPEN: - nvme_aor_dec_open(ns); - /* fall through */ - case NVME_ZONE_STATE_CLOSED: - nvme_aor_dec_active(ns); - /* fall through */ - case NVME_ZONE_STATE_EMPTY: - zone->w_ptr = nvme_zone_wr_boundary(zone); - zone->d.wp = zone->w_ptr; - nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_FULL); - /* fall through */ - case NVME_ZONE_STATE_FULL: - return NVME_SUCCESS; - default: - return NVME_ZONE_INVAL_TRANSITION; - } + return nvme_zrm_finish(ns, zone); } static uint16_t nvme_reset_zone(NvmeNamespace *ns, NvmeZone *zone, @@ -2168,8 +2554,7 @@ static uint16_t nvme_zone_mgmt_send(NvmeCtrl *n, NvmeRequest *req) return NVME_INVALID_FIELD | NVME_DNR; } zd_ext = nvme_get_zd_extension(ns, zone_idx); - status = nvme_dma(n, zd_ext, ns->params.zd_extension_size, - DMA_DIRECTION_TO_DEVICE, req); + status = nvme_h2c(n, zd_ext, ns->params.zd_extension_size, req); if (status) { trace_pci_nvme_err_zd_extension_map_error(zone_idx); return status; @@ -2267,7 +2652,6 @@ static uint16_t nvme_zone_mgmt_recv(NvmeCtrl *n, NvmeRequest *req) status = nvme_check_mdts(n, data_size); if (status) { - trace_pci_nvme_err_mdts(nvme_cid(req), data_size); return status; } @@ -2324,8 +2708,7 @@ static uint16_t nvme_zone_mgmt_recv(NvmeCtrl *n, NvmeRequest *req) } } - status = nvme_dma(n, (uint8_t *)buf, data_size, - DMA_DIRECTION_FROM_DEVICE, req); + status = nvme_c2h(n, (uint8_t *)buf, data_size, req); g_free(buf); @@ -2343,6 +2726,29 @@ static uint16_t nvme_io_cmd(NvmeCtrl *n, NvmeRequest *req) return NVME_INVALID_NSID | NVME_DNR; } + /* + * In the base NVM command set, Flush may apply to all namespaces + * (indicated by NSID being set to 0xFFFFFFFF). But if that feature is used + * along with TP 4056 (Namespace Types), it may be pretty screwed up. + * + * If NSID is indeed set to 0xFFFFFFFF, we simply cannot associate the + * opcode with a specific command since we cannot determine a unique I/O + * command set. Opcode 0x0 could have any other meaning than something + * equivalent to flushing and say it DOES have completely different + * semantics in some other command set - does an NSID of 0xFFFFFFFF then + * mean "for all namespaces, apply whatever command set specific command + * that uses the 0x0 opcode?" Or does it mean "for all namespaces, apply + * whatever command that uses the 0x0 opcode if, and only if, it allows + * NSID to be 0xFFFFFFFF"? + * + * Anyway (and luckily), for now, we do not care about this since the + * device only supports namespace types that includes the NVM Flush command + * (NVM and Zoned), so always do an NVM Flush. + */ + if (req->cmd.opcode == NVME_CMD_FLUSH) { + return nvme_flush(n, req); + } + req->ns = nvme_ns(n, nsid); if (unlikely(!req->ns)) { return NVME_INVALID_FIELD | NVME_DNR; @@ -2354,8 +2760,6 @@ static uint16_t nvme_io_cmd(NvmeCtrl *n, NvmeRequest *req) } switch (req->cmd.opcode) { - case NVME_CMD_FLUSH: - return nvme_flush(n, req); case NVME_CMD_WRITE_ZEROES: return nvme_write_zeroes(n, req); case NVME_CMD_ZONE_APPEND: @@ -2368,6 +2772,8 @@ static uint16_t nvme_io_cmd(NvmeCtrl *n, NvmeRequest *req) return nvme_compare(n, req); case NVME_CMD_DSM: return nvme_dsm(n, req); + case NVME_CMD_COPY: + return nvme_copy(n, req); case NVME_CMD_ZONE_MGMT_SEND: return nvme_zone_mgmt_send(n, req); case NVME_CMD_ZONE_MGMT_RECV: @@ -2568,8 +2974,7 @@ static uint16_t nvme_smart_info(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, nvme_clear_events(n, NVME_AER_TYPE_SMART); } - return nvme_dma(n, (uint8_t *) &smart + off, trans_len, - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *) &smart + off, trans_len, req); } static uint16_t nvme_fw_log_info(NvmeCtrl *n, uint32_t buf_len, uint64_t off, @@ -2587,8 +2992,7 @@ static uint16_t nvme_fw_log_info(NvmeCtrl *n, uint32_t buf_len, uint64_t off, strpadcpy((char *)&fw_log.frs1, sizeof(fw_log.frs1), "1.0", ' '); trans_len = MIN(sizeof(fw_log) - off, buf_len); - return nvme_dma(n, (uint8_t *) &fw_log + off, trans_len, - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *) &fw_log + off, trans_len, req); } static uint16_t nvme_error_info(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, @@ -2608,8 +3012,49 @@ static uint16_t nvme_error_info(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, memset(&errlog, 0x0, sizeof(errlog)); trans_len = MIN(sizeof(errlog) - off, buf_len); - return nvme_dma(n, (uint8_t *)&errlog, trans_len, - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *)&errlog, trans_len, req); +} + +static uint16_t nvme_changed_nslist(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, + uint64_t off, NvmeRequest *req) +{ + uint32_t nslist[1024]; + uint32_t trans_len; + int i = 0; + uint32_t nsid; + + memset(nslist, 0x0, sizeof(nslist)); + trans_len = MIN(sizeof(nslist) - off, buf_len); + + while ((nsid = find_first_bit(n->changed_nsids, NVME_CHANGED_NSID_SIZE)) != + NVME_CHANGED_NSID_SIZE) { + /* + * If more than 1024 namespaces, the first entry in the log page should + * be set to 0xffffffff and the others to 0 as spec. + */ + if (i == ARRAY_SIZE(nslist)) { + memset(nslist, 0x0, sizeof(nslist)); + nslist[0] = 0xffffffff; + break; + } + + nslist[i++] = nsid; + clear_bit(nsid, n->changed_nsids); + } + + /* + * Remove all the remaining list entries in case returns directly due to + * more than 1024 namespaces. + */ + if (nslist[0] == 0xffffffff) { + bitmap_zero(n->changed_nsids, NVME_CHANGED_NSID_SIZE); + } + + if (!rae) { + nvme_clear_events(n, NVME_AER_TYPE_NOTICE); + } + + return nvme_c2h(n, ((uint8_t *)nslist) + off, trans_len, req); } static uint16_t nvme_cmd_effects(NvmeCtrl *n, uint8_t csi, uint32_t buf_len, @@ -2649,8 +3094,7 @@ static uint16_t nvme_cmd_effects(NvmeCtrl *n, uint8_t csi, uint32_t buf_len, trans_len = MIN(sizeof(log) - off, buf_len); - return nvme_dma(n, ((uint8_t *)&log) + off, trans_len, - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, ((uint8_t *)&log) + off, trans_len, req); } static uint16_t nvme_get_log(NvmeCtrl *n, NvmeRequest *req) @@ -2686,7 +3130,6 @@ static uint16_t nvme_get_log(NvmeCtrl *n, NvmeRequest *req) status = nvme_check_mdts(n, len); if (status) { - trace_pci_nvme_err_mdts(nvme_cid(req), len); return status; } @@ -2697,6 +3140,8 @@ static uint16_t nvme_get_log(NvmeCtrl *n, NvmeRequest *req) return nvme_smart_info(n, rae, len, off, req); case NVME_LOG_FW_SLOT_INFO: return nvme_fw_log_info(n, len, off, req); + case NVME_LOG_CHANGED_NSLIST: + return nvme_changed_nslist(n, rae, len, off, req); case NVME_LOG_CMD_EFFECTS: return nvme_cmd_effects(n, csi, len, off, req); default: @@ -2819,7 +3264,7 @@ static uint16_t nvme_rpt_empty_id_struct(NvmeCtrl *n, NvmeRequest *req) { uint8_t id[NVME_IDENTIFY_DATA_SIZE] = {}; - return nvme_dma(n, id, sizeof(id), DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, id, sizeof(id), req); } static inline bool nvme_csi_has_nvm_support(NvmeNamespace *ns) @@ -2836,31 +3281,33 @@ static uint16_t nvme_identify_ctrl(NvmeCtrl *n, NvmeRequest *req) { trace_pci_nvme_identify_ctrl(); - return nvme_dma(n, (uint8_t *)&n->id_ctrl, sizeof(n->id_ctrl), - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *)&n->id_ctrl, sizeof(n->id_ctrl), req); } static uint16_t nvme_identify_ctrl_csi(NvmeCtrl *n, NvmeRequest *req) { NvmeIdentify *c = (NvmeIdentify *)&req->cmd; - NvmeIdCtrlZoned id = {}; + uint8_t id[NVME_IDENTIFY_DATA_SIZE] = {}; trace_pci_nvme_identify_ctrl_csi(c->csi); - if (c->csi == NVME_CSI_NVM) { - return nvme_rpt_empty_id_struct(n, req); - } else if (c->csi == NVME_CSI_ZONED) { - if (n->params.zasl_bs) { - id.zasl = n->zasl; - } - return nvme_dma(n, (uint8_t *)&id, sizeof(id), - DMA_DIRECTION_FROM_DEVICE, req); + switch (c->csi) { + case NVME_CSI_NVM: + ((NvmeIdCtrlNvm *)&id)->dmrsl = cpu_to_le32(n->dmrsl); + break; + + case NVME_CSI_ZONED: + ((NvmeIdCtrlZoned *)&id)->zasl = n->params.zasl; + break; + + default: + return NVME_INVALID_FIELD | NVME_DNR; } - return NVME_INVALID_FIELD | NVME_DNR; + return nvme_c2h(n, id, sizeof(id), req); } -static uint16_t nvme_identify_ns(NvmeCtrl *n, NvmeRequest *req) +static uint16_t nvme_identify_ns(NvmeCtrl *n, NvmeRequest *req, bool active) { NvmeNamespace *ns; NvmeIdentify *c = (NvmeIdentify *)&req->cmd; @@ -2874,18 +3321,64 @@ static uint16_t nvme_identify_ns(NvmeCtrl *n, NvmeRequest *req) ns = nvme_ns(n, nsid); if (unlikely(!ns)) { - return nvme_rpt_empty_id_struct(n, req); + if (!active) { + ns = nvme_subsys_ns(n->subsys, nsid); + if (!ns) { + return nvme_rpt_empty_id_struct(n, req); + } + } else { + return nvme_rpt_empty_id_struct(n, req); + } } if (c->csi == NVME_CSI_NVM && nvme_csi_has_nvm_support(ns)) { - return nvme_dma(n, (uint8_t *)&ns->id_ns, sizeof(NvmeIdNs), - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *)&ns->id_ns, sizeof(NvmeIdNs), req); } return NVME_INVALID_CMD_SET | NVME_DNR; } -static uint16_t nvme_identify_ns_csi(NvmeCtrl *n, NvmeRequest *req) +static uint16_t nvme_identify_ns_attached_list(NvmeCtrl *n, NvmeRequest *req) +{ + NvmeIdentify *c = (NvmeIdentify *)&req->cmd; + uint16_t min_id = le16_to_cpu(c->ctrlid); + uint16_t list[NVME_CONTROLLER_LIST_SIZE] = {}; + uint16_t *ids = &list[1]; + NvmeNamespace *ns; + NvmeCtrl *ctrl; + int cntlid, nr_ids = 0; + + trace_pci_nvme_identify_ns_attached_list(min_id); + + if (c->nsid == NVME_NSID_BROADCAST) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + ns = nvme_subsys_ns(n->subsys, c->nsid); + if (!ns) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + for (cntlid = min_id; cntlid < ARRAY_SIZE(n->subsys->ctrls); cntlid++) { + ctrl = nvme_subsys_ctrl(n->subsys, cntlid); + if (!ctrl) { + continue; + } + + if (!nvme_ns_is_attached(ctrl, ns)) { + continue; + } + + ids[nr_ids++] = cntlid; + } + + list[0] = nr_ids; + + return nvme_c2h(n, (uint8_t *)list, sizeof(list), req); +} + +static uint16_t nvme_identify_ns_csi(NvmeCtrl *n, NvmeRequest *req, + bool active) { NvmeNamespace *ns; NvmeIdentify *c = (NvmeIdentify *)&req->cmd; @@ -2899,20 +3392,28 @@ static uint16_t nvme_identify_ns_csi(NvmeCtrl *n, NvmeRequest *req) ns = nvme_ns(n, nsid); if (unlikely(!ns)) { - return nvme_rpt_empty_id_struct(n, req); + if (!active) { + ns = nvme_subsys_ns(n->subsys, nsid); + if (!ns) { + return nvme_rpt_empty_id_struct(n, req); + } + } else { + return nvme_rpt_empty_id_struct(n, req); + } } if (c->csi == NVME_CSI_NVM && nvme_csi_has_nvm_support(ns)) { return nvme_rpt_empty_id_struct(n, req); } else if (c->csi == NVME_CSI_ZONED && ns->csi == NVME_CSI_ZONED) { - return nvme_dma(n, (uint8_t *)ns->id_ns_zoned, sizeof(NvmeIdNsZoned), - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *)ns->id_ns_zoned, sizeof(NvmeIdNsZoned), + req); } return NVME_INVALID_FIELD | NVME_DNR; } -static uint16_t nvme_identify_nslist(NvmeCtrl *n, NvmeRequest *req) +static uint16_t nvme_identify_nslist(NvmeCtrl *n, NvmeRequest *req, + bool active) { NvmeNamespace *ns; NvmeIdentify *c = (NvmeIdentify *)&req->cmd; @@ -2937,7 +3438,14 @@ static uint16_t nvme_identify_nslist(NvmeCtrl *n, NvmeRequest *req) for (i = 1; i <= n->num_namespaces; i++) { ns = nvme_ns(n, i); if (!ns) { - continue; + if (!active) { + ns = nvme_subsys_ns(n->subsys, i); + if (!ns) { + continue; + } + } else { + continue; + } } if (ns->params.nsid <= min_nsid) { continue; @@ -2948,10 +3456,11 @@ static uint16_t nvme_identify_nslist(NvmeCtrl *n, NvmeRequest *req) } } - return nvme_dma(n, list, data_len, DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, list, data_len, req); } -static uint16_t nvme_identify_nslist_csi(NvmeCtrl *n, NvmeRequest *req) +static uint16_t nvme_identify_nslist_csi(NvmeCtrl *n, NvmeRequest *req, + bool active) { NvmeNamespace *ns; NvmeIdentify *c = (NvmeIdentify *)&req->cmd; @@ -2977,7 +3486,14 @@ static uint16_t nvme_identify_nslist_csi(NvmeCtrl *n, NvmeRequest *req) for (i = 1; i <= n->num_namespaces; i++) { ns = nvme_ns(n, i); if (!ns) { - continue; + if (!active) { + ns = nvme_subsys_ns(n->subsys, i); + if (!ns) { + continue; + } + } else { + continue; + } } if (ns->params.nsid <= min_nsid || c->csi != ns->csi) { continue; @@ -2988,7 +3504,7 @@ static uint16_t nvme_identify_nslist_csi(NvmeCtrl *n, NvmeRequest *req) } } - return nvme_dma(n, list, data_len, DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, list, data_len, req); } static uint16_t nvme_identify_ns_descr_list(NvmeCtrl *n, NvmeRequest *req) @@ -3035,7 +3551,7 @@ static uint16_t nvme_identify_ns_descr_list(NvmeCtrl *n, NvmeRequest *req) ns_descrs->csi.hdr.nidl = NVME_NIDL_CSI; ns_descrs->csi.v = ns->csi; - return nvme_dma(n, list, sizeof(list), DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, list, sizeof(list), req); } static uint16_t nvme_identify_cmd_set(NvmeCtrl *n, NvmeRequest *req) @@ -3048,34 +3564,39 @@ static uint16_t nvme_identify_cmd_set(NvmeCtrl *n, NvmeRequest *req) NVME_SET_CSI(*list, NVME_CSI_NVM); NVME_SET_CSI(*list, NVME_CSI_ZONED); - return nvme_dma(n, list, data_len, DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, list, data_len, req); } static uint16_t nvme_identify(NvmeCtrl *n, NvmeRequest *req) { NvmeIdentify *c = (NvmeIdentify *)&req->cmd; - switch (le32_to_cpu(c->cns)) { + trace_pci_nvme_identify(nvme_cid(req), c->cns, le16_to_cpu(c->ctrlid), + c->csi); + + switch (c->cns) { case NVME_ID_CNS_NS: - /* fall through */ + return nvme_identify_ns(n, req, true); case NVME_ID_CNS_NS_PRESENT: - return nvme_identify_ns(n, req); + return nvme_identify_ns(n, req, false); + case NVME_ID_CNS_NS_ATTACHED_CTRL_LIST: + return nvme_identify_ns_attached_list(n, req); case NVME_ID_CNS_CS_NS: - /* fall through */ + return nvme_identify_ns_csi(n, req, true); case NVME_ID_CNS_CS_NS_PRESENT: - return nvme_identify_ns_csi(n, req); + return nvme_identify_ns_csi(n, req, false); case NVME_ID_CNS_CTRL: return nvme_identify_ctrl(n, req); case NVME_ID_CNS_CS_CTRL: return nvme_identify_ctrl_csi(n, req); case NVME_ID_CNS_NS_ACTIVE_LIST: - /* fall through */ + return nvme_identify_nslist(n, req, true); case NVME_ID_CNS_NS_PRESENT_LIST: - return nvme_identify_nslist(n, req); + return nvme_identify_nslist(n, req, false); case NVME_ID_CNS_CS_NS_ACTIVE_LIST: - /* fall through */ + return nvme_identify_nslist_csi(n, req, true); case NVME_ID_CNS_CS_NS_PRESENT_LIST: - return nvme_identify_nslist_csi(n, req); + return nvme_identify_nslist_csi(n, req, false); case NVME_ID_CNS_NS_DESCR_LIST: return nvme_identify_ns_descr_list(n, req); case NVME_ID_CNS_IO_COMMAND_SET: @@ -3137,8 +3658,7 @@ static uint16_t nvme_get_feature_timestamp(NvmeCtrl *n, NvmeRequest *req) { uint64_t timestamp = nvme_get_timestamp(n); - return nvme_dma(n, (uint8_t *)×tamp, sizeof(timestamp), - DMA_DIRECTION_FROM_DEVICE, req); + return nvme_c2h(n, (uint8_t *)×tamp, sizeof(timestamp), req); } static uint16_t nvme_get_feature(NvmeCtrl *n, NvmeRequest *req) @@ -3299,8 +3819,7 @@ static uint16_t nvme_set_feature_timestamp(NvmeCtrl *n, NvmeRequest *req) uint16_t ret; uint64_t timestamp; - ret = nvme_dma(n, (uint8_t *)×tamp, sizeof(timestamp), - DMA_DIRECTION_TO_DEVICE, req); + ret = nvme_h2c(n, (uint8_t *)×tamp, sizeof(timestamp), req); if (ret) { return ret; } @@ -3472,6 +3991,71 @@ static uint16_t nvme_aer(NvmeCtrl *n, NvmeRequest *req) return NVME_NO_COMPLETE; } +static void __nvme_select_ns_iocs(NvmeCtrl *n, NvmeNamespace *ns); +static uint16_t nvme_ns_attachment(NvmeCtrl *n, NvmeRequest *req) +{ + NvmeNamespace *ns; + NvmeCtrl *ctrl; + uint16_t list[NVME_CONTROLLER_LIST_SIZE] = {}; + uint32_t nsid = le32_to_cpu(req->cmd.nsid); + uint32_t dw10 = le32_to_cpu(req->cmd.cdw10); + bool attach = !(dw10 & 0xf); + uint16_t *nr_ids = &list[0]; + uint16_t *ids = &list[1]; + uint16_t ret; + int i; + + trace_pci_nvme_ns_attachment(nvme_cid(req), dw10 & 0xf); + + ns = nvme_subsys_ns(n->subsys, nsid); + if (!ns) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + ret = nvme_h2c(n, (uint8_t *)list, 4096, req); + if (ret) { + return ret; + } + + if (!*nr_ids) { + return NVME_NS_CTRL_LIST_INVALID | NVME_DNR; + } + + for (i = 0; i < *nr_ids; i++) { + ctrl = nvme_subsys_ctrl(n->subsys, ids[i]); + if (!ctrl) { + return NVME_NS_CTRL_LIST_INVALID | NVME_DNR; + } + + if (attach) { + if (nvme_ns_is_attached(ctrl, ns)) { + return NVME_NS_ALREADY_ATTACHED | NVME_DNR; + } + + nvme_ns_attach(ctrl, ns); + __nvme_select_ns_iocs(ctrl, ns); + } else { + if (!nvme_ns_is_attached(ctrl, ns)) { + return NVME_NS_NOT_ATTACHED | NVME_DNR; + } + + nvme_ns_detach(ctrl, ns); + } + + /* + * Add namespace id to the changed namespace id list for event clearing + * via Get Log Page command. + */ + if (!test_and_set_bit(nsid, ctrl->changed_nsids)) { + nvme_enqueue_event(ctrl, NVME_AER_TYPE_NOTICE, + NVME_AER_INFO_NOTICE_NS_ATTR_CHANGED, + NVME_LOG_CHANGED_NSLIST); + } + } + + return NVME_SUCCESS; +} + static uint16_t nvme_admin_cmd(NvmeCtrl *n, NvmeRequest *req) { trace_pci_nvme_admin_cmd(nvme_cid(req), nvme_sqid(req), req->cmd.opcode, @@ -3482,6 +4066,11 @@ static uint16_t nvme_admin_cmd(NvmeCtrl *n, NvmeRequest *req) return NVME_INVALID_OPCODE | NVME_DNR; } + /* SGLs shall not be used for Admin commands in NVMe over PCIe */ + if (NVME_CMD_FLAGS_PSDT(req->cmd.flags) != NVME_PSDT_PRP) { + return NVME_INVALID_FIELD | NVME_DNR; + } + switch (req->cmd.opcode) { case NVME_ADM_CMD_DELETE_SQ: return nvme_del_sq(n, req); @@ -3503,6 +4092,8 @@ static uint16_t nvme_admin_cmd(NvmeCtrl *n, NvmeRequest *req) return nvme_get_feature(n, req); case NVME_ADM_CMD_ASYNC_EV_REQ: return nvme_aer(n, req); + case NVME_ADM_CMD_NS_ATTACHMENT: + return nvme_ns_attachment(n, req); default: assert(false); } @@ -3604,6 +4195,25 @@ static void nvme_ctrl_shutdown(NvmeCtrl *n) } } +static void __nvme_select_ns_iocs(NvmeCtrl *n, NvmeNamespace *ns) +{ + ns->iocs = nvme_cse_iocs_none; + switch (ns->csi) { + case NVME_CSI_NVM: + if (NVME_CC_CSS(n->bar.cc) != NVME_CC_CSS_ADMIN_ONLY) { + ns->iocs = nvme_cse_iocs_nvm; + } + break; + case NVME_CSI_ZONED: + if (NVME_CC_CSS(n->bar.cc) == NVME_CC_CSS_CSI) { + ns->iocs = nvme_cse_iocs_zoned; + } else if (NVME_CC_CSS(n->bar.cc) == NVME_CC_CSS_NVM) { + ns->iocs = nvme_cse_iocs_nvm; + } + break; + } +} + static void nvme_select_ns_iocs(NvmeCtrl *n) { NvmeNamespace *ns; @@ -3614,21 +4224,8 @@ static void nvme_select_ns_iocs(NvmeCtrl *n) if (!ns) { continue; } - ns->iocs = nvme_cse_iocs_none; - switch (ns->csi) { - case NVME_CSI_NVM: - if (NVME_CC_CSS(n->bar.cc) != NVME_CC_CSS_ADMIN_ONLY) { - ns->iocs = nvme_cse_iocs_nvm; - } - break; - case NVME_CSI_ZONED: - if (NVME_CC_CSS(n->bar.cc) == NVME_CC_CSS_CSI) { - ns->iocs = nvme_cse_iocs_zoned; - } else if (NVME_CC_CSS(n->bar.cc) == NVME_CC_CSS_NVM) { - ns->iocs = nvme_cse_iocs_nvm; - } - break; - } + + __nvme_select_ns_iocs(n, ns); } } @@ -3726,17 +4323,6 @@ static int nvme_start_ctrl(NvmeCtrl *n) nvme_init_sq(&n->admin_sq, n, n->bar.asq, 0, 0, NVME_AQA_ASQS(n->bar.aqa) + 1); - if (!n->params.zasl_bs) { - n->zasl = n->params.mdts; - } else { - if (n->params.zasl_bs < n->page_size) { - trace_pci_nvme_err_startfail_zasl_too_small(n->params.zasl_bs, - n->page_size); - return -1; - } - n->zasl = 31 - clz32(n->params.zasl_bs / n->page_size); - } - nvme_set_timestamp(n, 0ULL); QTAILQ_INIT(&n->aer_queue); @@ -4245,11 +4831,10 @@ static void nvme_check_constraints(NvmeCtrl *n, Error **errp) host_memory_backend_set_mapped(n->pmr.dev, true); } - if (n->params.zasl_bs) { - if (!is_power_of_2(n->params.zasl_bs)) { - error_setg(errp, "zone append size limit has to be a power of 2"); - return; - } + if (n->params.zasl > n->params.mdts) { + error_setg(errp, "zoned.zasl (Zone Append Size Limit) must be less " + "than or equal to mdts (Maximum Data Transfer Size)"); + return; } } @@ -4267,6 +4852,20 @@ static void nvme_init_state(NvmeCtrl *n) n->aer_reqs = g_new0(NvmeRequest *, n->params.aerl + 1); } +static int nvme_attach_namespace(NvmeCtrl *n, NvmeNamespace *ns, Error **errp) +{ + if (nvme_ns_is_attached(n, ns)) { + error_setg(errp, + "namespace %d is already attached to controller %d", + nvme_nsid(ns), n->cntlid); + return -1; + } + + nvme_ns_attach(n, ns); + + return 0; +} + int nvme_register_namespace(NvmeCtrl *n, NvmeNamespace *ns, Error **errp) { uint32_t nsid = nvme_nsid(ns); @@ -4298,7 +4897,26 @@ int nvme_register_namespace(NvmeCtrl *n, NvmeNamespace *ns, Error **errp) trace_pci_nvme_register_namespace(nsid); - n->namespaces[nsid - 1] = ns; + /* + * If subsys is not given, namespae is always attached to the controller + * because there's no subsystem to manage namespace allocation. + */ + if (!n->subsys) { + if (ns->params.detached) { + error_setg(errp, + "detached needs nvme-subsys specified nvme or nvme-ns"); + return -1; + } + + return nvme_attach_namespace(n, ns, errp); + } else { + if (!ns->params.detached) { + return nvme_attach_namespace(n, ns, errp); + } + } + + n->dmrsl = MIN_NON_ZERO(n->dmrsl, + BDRV_REQUEST_MAX_BYTES / nvme_l2b(ns, 1)); return 0; } @@ -4405,24 +5023,49 @@ static int nvme_init_pci(NvmeCtrl *n, PCIDevice *pci_dev, Error **errp) return 0; } +static void nvme_init_subnqn(NvmeCtrl *n) +{ + NvmeSubsystem *subsys = n->subsys; + NvmeIdCtrl *id = &n->id_ctrl; + + if (!subsys) { + snprintf((char *)id->subnqn, sizeof(id->subnqn), + "nqn.2019-08.org.qemu:%s", n->params.serial); + } else { + pstrcpy((char *)id->subnqn, sizeof(id->subnqn), (char*)subsys->subnqn); + } +} + static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pci_dev) { NvmeIdCtrl *id = &n->id_ctrl; uint8_t *pci_conf = pci_dev->config; - char *subnqn; id->vid = cpu_to_le16(pci_get_word(pci_conf + PCI_VENDOR_ID)); id->ssvid = cpu_to_le16(pci_get_word(pci_conf + PCI_SUBSYSTEM_VENDOR_ID)); strpadcpy((char *)id->mn, sizeof(id->mn), "QEMU NVMe Ctrl", ' '); strpadcpy((char *)id->fr, sizeof(id->fr), "1.0", ' '); strpadcpy((char *)id->sn, sizeof(id->sn), n->params.serial, ' '); + + id->cntlid = cpu_to_le16(n->cntlid); + + id->oaes = cpu_to_le32(NVME_OAES_NS_ATTR); + id->rab = 6; - id->ieee[0] = 0x00; - id->ieee[1] = 0x02; - id->ieee[2] = 0xb3; + + if (n->params.use_intel_id) { + id->ieee[0] = 0xb3; + id->ieee[1] = 0x02; + id->ieee[2] = 0x00; + } else { + id->ieee[0] = 0x00; + id->ieee[1] = 0x54; + id->ieee[2] = 0x52; + } + id->mdts = n->params.mdts; id->ver = cpu_to_le32(NVME_SPEC_VER); - id->oacs = cpu_to_le16(0); + id->oacs = cpu_to_le16(NVME_OACS_NS_MGMT); id->cntrltype = 0x1; /* @@ -4450,20 +5093,31 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pci_dev) id->nn = cpu_to_le32(n->num_namespaces); id->oncs = cpu_to_le16(NVME_ONCS_WRITE_ZEROES | NVME_ONCS_TIMESTAMP | NVME_ONCS_FEATURES | NVME_ONCS_DSM | - NVME_ONCS_COMPARE); + NVME_ONCS_COMPARE | NVME_ONCS_COPY); - id->vwc = (0x2 << 1) | 0x1; + /* + * NOTE: If this device ever supports a command set that does NOT use 0x0 + * as a Flush-equivalent operation, support for the broadcast NSID in Flush + * should probably be removed. + * + * See comment in nvme_io_cmd. + */ + id->vwc = NVME_VWC_NSID_BROADCAST_SUPPORT | NVME_VWC_PRESENT; + + id->ocfs = cpu_to_le16(NVME_OCFS_COPY_FORMAT_0); id->sgls = cpu_to_le32(NVME_CTRL_SGLS_SUPPORT_NO_ALIGN | NVME_CTRL_SGLS_BITBUCKET); - subnqn = g_strdup_printf("nqn.2019-08.org.qemu:%s", n->params.serial); - strpadcpy((char *)id->subnqn, sizeof(id->subnqn), subnqn, '\0'); - g_free(subnqn); + nvme_init_subnqn(n); id->psd[0].mp = cpu_to_le16(0x9c4); id->psd[0].enlat = cpu_to_le32(0x10); id->psd[0].exlat = cpu_to_le32(0x4); + if (n->subsys) { + id->cmic |= NVME_CMIC_MULTI_CTRL; + } + NVME_CAP_SET_MQES(n->bar.cap, 0x7ff); NVME_CAP_SET_CQR(n->bar.cap, 1); NVME_CAP_SET_TO(n->bar.cap, 0xf); @@ -4478,6 +5132,24 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pci_dev) n->bar.intmc = n->bar.intms = 0; } +static int nvme_init_subsys(NvmeCtrl *n, Error **errp) +{ + int cntlid; + + if (!n->subsys) { + return 0; + } + + cntlid = nvme_subsys_register_ctrl(n, errp); + if (cntlid < 0) { + return -1; + } + + n->cntlid = cntlid; + + return 0; +} + static void nvme_realize(PCIDevice *pci_dev, Error **errp) { NvmeCtrl *n = NVME(pci_dev); @@ -4498,6 +5170,10 @@ static void nvme_realize(PCIDevice *pci_dev, Error **errp) return; } + if (nvme_init_subsys(n, errp)) { + error_propagate(errp, local_err); + return; + } nvme_init_ctrl(n, pci_dev); /* setup a namespace if the controller drive property was given */ @@ -4550,6 +5226,8 @@ static Property nvme_props[] = { DEFINE_BLOCK_PROPERTIES(NvmeCtrl, namespace.blkconf), DEFINE_PROP_LINK("pmrdev", NvmeCtrl, pmr.dev, TYPE_MEMORY_BACKEND, HostMemoryBackend *), + DEFINE_PROP_LINK("subsys", NvmeCtrl, subsys, TYPE_NVME_SUBSYS, + NvmeSubsystem *), DEFINE_PROP_STRING("serial", NvmeCtrl, params.serial), DEFINE_PROP_UINT32("cmb_size_mb", NvmeCtrl, params.cmb_size_mb, 0), DEFINE_PROP_UINT32("num_queues", NvmeCtrl, params.num_queues, 0), @@ -4560,8 +5238,7 @@ static Property nvme_props[] = { DEFINE_PROP_UINT8("mdts", NvmeCtrl, params.mdts, 7), DEFINE_PROP_BOOL("use-intel-id", NvmeCtrl, params.use_intel_id, false), DEFINE_PROP_BOOL("legacy-cmb", NvmeCtrl, params.legacy_cmb, false), - DEFINE_PROP_SIZE32("zoned.append_size_limit", NvmeCtrl, params.zasl_bs, - NVME_DEFAULT_MAX_ZA_SIZE), + DEFINE_PROP_UINT8("zoned.zasl", NvmeCtrl, params.zasl, 0), DEFINE_PROP_END_OF_LIST(), }; diff --git a/hw/block/nvme.h b/hw/block/nvme.h index dee6092bd4..4955d649c7 100644 --- a/hw/block/nvme.h +++ b/hw/block/nvme.h @@ -2,6 +2,7 @@ #define HW_NVME_H #include "block/nvme.h" +#include "nvme-subsys.h" #include "nvme-ns.h" #define NVME_MAX_NAMESPACES 256 @@ -9,6 +10,12 @@ #define NVME_DEFAULT_ZONE_SIZE (128 * MiB) #define NVME_DEFAULT_MAX_ZA_SIZE (128 * KiB) +/* + * Subsystem namespace list for allocated namespaces should be larger than + * attached namespace list in a controller. + */ +QEMU_BUILD_BUG_ON(NVME_MAX_NAMESPACES > NVME_SUBSYS_MAX_NAMESPACES); + typedef struct NvmeParams { char *serial; uint32_t num_queues; /* deprecated since 5.1 */ @@ -19,7 +26,7 @@ typedef struct NvmeParams { uint32_t aer_max_queued; uint8_t mdts; bool use_intel_id; - uint32_t zasl_bs; + uint8_t zasl; bool legacy_cmb; } NvmeParams; @@ -28,6 +35,20 @@ typedef struct NvmeAsyncEvent { NvmeAerResult result; } NvmeAsyncEvent; +enum { + NVME_SG_ALLOC = 1 << 0, + NVME_SG_DMA = 1 << 1, +}; + +typedef struct NvmeSg { + int flags; + + union { + QEMUSGList qsg; + QEMUIOVector iov; + }; +} NvmeSg; + typedef struct NvmeRequest { struct NvmeSQueue *sq; struct NvmeNamespace *ns; @@ -37,8 +58,7 @@ typedef struct NvmeRequest { NvmeCqe cqe; NvmeCmd cmd; BlockAcctCookie acct; - QEMUSGList qsg; - QEMUIOVector iov; + NvmeSg sg; QTAILQ_ENTRY(NvmeRequest)entry; } NvmeRequest; @@ -68,6 +88,7 @@ static inline const char *nvme_io_opc_str(uint8_t opc) case NVME_CMD_COMPARE: return "NVME_NVM_CMD_COMPARE"; case NVME_CMD_WRITE_ZEROES: return "NVME_NVM_CMD_WRITE_ZEROES"; case NVME_CMD_DSM: return "NVME_NVM_CMD_DSM"; + case NVME_CMD_COPY: return "NVME_NVM_CMD_COPY"; case NVME_CMD_ZONE_MGMT_SEND: return "NVME_ZONED_CMD_MGMT_SEND"; case NVME_CMD_ZONE_MGMT_RECV: return "NVME_ZONED_CMD_MGMT_RECV"; case NVME_CMD_ZONE_APPEND: return "NVME_ZONED_CMD_ZONE_APPEND"; @@ -133,6 +154,7 @@ typedef struct NvmeCtrl { NvmeBus bus; BlockConf conf; + uint16_t cntlid; bool qs_created; uint32_t page_size; uint16_t page_bits; @@ -168,9 +190,19 @@ typedef struct NvmeCtrl { QTAILQ_HEAD(, NvmeAsyncEvent) aer_queue; int aer_queued; - uint8_t zasl; + uint32_t dmrsl; + + /* Namespace ID is started with 1 so bitmap should be 1-based */ +#define NVME_CHANGED_NSID_SIZE (NVME_MAX_NAMESPACES + 1) + DECLARE_BITMAP(changed_nsids, NVME_CHANGED_NSID_SIZE); + + NvmeSubsystem *subsys; NvmeNamespace namespace; + /* + * Attached namespaces to this controller. If subsys is not given, all + * namespaces in this list will always be attached. + */ NvmeNamespace *namespaces[NVME_MAX_NAMESPACES]; NvmeSQueue **sq; NvmeCQueue **cq; @@ -189,6 +221,29 @@ static inline NvmeNamespace *nvme_ns(NvmeCtrl *n, uint32_t nsid) return n->namespaces[nsid - 1]; } +static inline bool nvme_ns_is_attached(NvmeCtrl *n, NvmeNamespace *ns) +{ + int nsid; + + for (nsid = 1; nsid <= n->num_namespaces; nsid++) { + if (nvme_ns(n, nsid) == ns) { + return true; + } + } + + return false; +} + +static inline void nvme_ns_attach(NvmeCtrl *n, NvmeNamespace *ns) +{ + n->namespaces[nvme_nsid(ns) - 1] = ns; +} + +static inline void nvme_ns_detach(NvmeCtrl *n, NvmeNamespace *ns) +{ + n->namespaces[nvme_nsid(ns) - 1] = NULL; +} + static inline NvmeCQueue *nvme_cq(NvmeRequest *req) { NvmeSQueue *sq = req->sq; diff --git a/hw/block/trace-events b/hw/block/trace-events index d32475c398..ef06d2ea74 100644 --- a/hw/block/trace-events +++ b/hw/block/trace-events @@ -37,26 +37,36 @@ pci_nvme_dma_read(uint64_t prp1, uint64_t prp2) "DMA read, prp1=0x%"PRIx64" prp2 pci_nvme_map_addr(uint64_t addr, uint64_t len) "addr 0x%"PRIx64" len %"PRIu64"" pci_nvme_map_addr_cmb(uint64_t addr, uint64_t len) "addr 0x%"PRIx64" len %"PRIu64"" pci_nvme_map_prp(uint64_t trans_len, uint32_t len, uint64_t prp1, uint64_t prp2, int num_prps) "trans_len %"PRIu64" len %"PRIu32" prp1 0x%"PRIx64" prp2 0x%"PRIx64" num_prps %d" -pci_nvme_map_sgl(uint16_t cid, uint8_t typ, uint64_t len) "cid %"PRIu16" type 0x%"PRIx8" len %"PRIu64"" +pci_nvme_map_sgl(uint8_t typ, uint64_t len) "type 0x%"PRIx8" len %"PRIu64"" pci_nvme_io_cmd(uint16_t cid, uint32_t nsid, uint16_t sqid, uint8_t opcode, const char *opname) "cid %"PRIu16" nsid %"PRIu32" sqid %"PRIu16" opc 0x%"PRIx8" opname '%s'" pci_nvme_admin_cmd(uint16_t cid, uint16_t sqid, uint8_t opcode, const char *opname) "cid %"PRIu16" sqid %"PRIu16" opc 0x%"PRIx8" opname '%s'" +pci_nvme_flush(uint16_t cid, uint32_t nsid) "cid %"PRIu16" nsid %"PRIu32"" pci_nvme_read(uint16_t cid, uint32_t nsid, uint32_t nlb, uint64_t count, uint64_t lba) "cid %"PRIu16" nsid %"PRIu32" nlb %"PRIu32" count %"PRIu64" lba 0x%"PRIx64"" pci_nvme_write(uint16_t cid, const char *verb, uint32_t nsid, uint32_t nlb, uint64_t count, uint64_t lba) "cid %"PRIu16" opname '%s' nsid %"PRIu32" nlb %"PRIu32" count %"PRIu64" lba 0x%"PRIx64"" pci_nvme_rw_cb(uint16_t cid, const char *blkname) "cid %"PRIu16" blk '%s'" +pci_nvme_copy(uint16_t cid, uint32_t nsid, uint16_t nr, uint8_t format) "cid %"PRIu16" nsid %"PRIu32" nr %"PRIu16" format 0x%"PRIx8"" +pci_nvme_copy_source_range(uint64_t slba, uint32_t nlb) "slba 0x%"PRIx64" nlb %"PRIu32"" +pci_nvme_copy_in_complete(uint16_t cid) "cid %"PRIu16"" +pci_nvme_copy_cb(uint16_t cid) "cid %"PRIu16"" pci_nvme_block_status(int64_t offset, int64_t bytes, int64_t pnum, int ret, bool zeroed) "offset %"PRId64" bytes %"PRId64" pnum %"PRId64" ret 0x%x zeroed %d" pci_nvme_dsm(uint16_t cid, uint32_t nsid, uint32_t nr, uint32_t attr) "cid %"PRIu16" nsid %"PRIu32" nr %"PRIu32" attr 0x%"PRIx32"" pci_nvme_dsm_deallocate(uint16_t cid, uint32_t nsid, uint64_t slba, uint32_t nlb) "cid %"PRIu16" nsid %"PRIu32" slba %"PRIu64" nlb %"PRIu32"" +pci_nvme_dsm_single_range_limit_exceeded(uint32_t nlb, uint32_t dmrsl) "nlb %"PRIu32" dmrsl %"PRIu32"" pci_nvme_compare(uint16_t cid, uint32_t nsid, uint64_t slba, uint32_t nlb) "cid %"PRIu16" nsid %"PRIu32" slba 0x%"PRIx64" nlb %"PRIu32"" pci_nvme_compare_cb(uint16_t cid) "cid %"PRIu16"" pci_nvme_aio_discard_cb(uint16_t cid) "cid %"PRIu16"" +pci_nvme_aio_copy_in_cb(uint16_t cid) "cid %"PRIu16"" pci_nvme_aio_zone_reset_cb(uint16_t cid, uint64_t zslba) "cid %"PRIu16" zslba 0x%"PRIx64"" +pci_nvme_aio_flush_cb(uint16_t cid, const char *blkname) "cid %"PRIu16" blk '%s'" pci_nvme_create_sq(uint64_t addr, uint16_t sqid, uint16_t cqid, uint16_t qsize, uint16_t qflags) "create submission queue, addr=0x%"PRIx64", sqid=%"PRIu16", cqid=%"PRIu16", qsize=%"PRIu16", qflags=%"PRIu16"" pci_nvme_create_cq(uint64_t addr, uint16_t cqid, uint16_t vector, uint16_t size, uint16_t qflags, int ien) "create completion queue, addr=0x%"PRIx64", cqid=%"PRIu16", vector=%"PRIu16", qsize=%"PRIu16", qflags=%"PRIu16", ien=%d" pci_nvme_del_sq(uint16_t qid) "deleting submission queue sqid=%"PRIu16"" pci_nvme_del_cq(uint16_t cqid) "deleted completion queue, cqid=%"PRIu16"" +pci_nvme_identify(uint16_t cid, uint8_t cns, uint16_t ctrlid, uint8_t csi) "cid %"PRIu16" cns 0x%"PRIx8" ctrlid %"PRIu16" csi 0x%"PRIx8"" pci_nvme_identify_ctrl(void) "identify controller" pci_nvme_identify_ctrl_csi(uint8_t csi) "identify controller, csi=0x%"PRIx8"" pci_nvme_identify_ns(uint32_t ns) "nsid %"PRIu32"" +pci_nvme_identify_ns_attached_list(uint16_t cntid) "cntid=%"PRIu16"" pci_nvme_identify_ns_csi(uint32_t ns, uint8_t csi) "nsid=%"PRIu32", csi=0x%"PRIx8"" pci_nvme_identify_nslist(uint32_t ns) "nsid %"PRIu32"" pci_nvme_identify_nslist_csi(uint16_t ns, uint8_t csi) "nsid=%"PRIu16", csi=0x%"PRIx8"" @@ -75,6 +85,8 @@ pci_nvme_aer(uint16_t cid) "cid %"PRIu16"" pci_nvme_aer_aerl_exceeded(void) "aerl exceeded" pci_nvme_aer_masked(uint8_t type, uint8_t mask) "type 0x%"PRIx8" mask 0x%"PRIx8"" pci_nvme_aer_post_cqe(uint8_t typ, uint8_t info, uint8_t log_page) "type 0x%"PRIx8" info 0x%"PRIx8" lid 0x%"PRIx8"" +pci_nvme_ns_attachment(uint16_t cid, uint8_t sel) "cid %"PRIu16", sel=0x%"PRIx8"" +pci_nvme_ns_attachment_attach(uint16_t cntlid, uint32_t nsid) "cntlid=0x%"PRIx16", nsid=0x%"PRIx32"" pci_nvme_enqueue_event(uint8_t typ, uint8_t info, uint8_t log_page) "type 0x%"PRIx8" info 0x%"PRIx8" lid 0x%"PRIx8"" pci_nvme_enqueue_event_noqueue(int queued) "queued %d" pci_nvme_enqueue_event_masked(uint8_t typ) "type 0x%"PRIx8"" @@ -107,15 +119,17 @@ pci_nvme_clear_ns_close(uint32_t state, uint64_t slba) "zone state=%"PRIu32", sl pci_nvme_clear_ns_reset(uint32_t state, uint64_t slba) "zone state=%"PRIu32", slba=%"PRIu64" transitioned to Empty state" # nvme traces for error conditions -pci_nvme_err_mdts(uint16_t cid, size_t len) "cid %"PRIu16" len %zu" +pci_nvme_err_mdts(size_t len) "len %zu" +pci_nvme_err_zasl(size_t len) "len %zu" pci_nvme_err_req_status(uint16_t cid, uint32_t nsid, uint16_t status, uint8_t opc) "cid %"PRIu16" nsid %"PRIu32" status 0x%"PRIx16" opc 0x%"PRIx8"" pci_nvme_err_addr_read(uint64_t addr) "addr 0x%"PRIx64"" pci_nvme_err_addr_write(uint64_t addr) "addr 0x%"PRIx64"" pci_nvme_err_cfs(void) "controller fatal status" pci_nvme_err_aio(uint16_t cid, const char *errname, uint16_t status) "cid %"PRIu16" err '%s' status 0x%"PRIx16"" +pci_nvme_err_copy_invalid_format(uint8_t format) "format 0x%"PRIx8"" pci_nvme_err_invalid_sgld(uint16_t cid, uint8_t typ) "cid %"PRIu16" type 0x%"PRIx8"" pci_nvme_err_invalid_num_sgld(uint16_t cid, uint8_t typ) "cid %"PRIu16" type 0x%"PRIx8"" -pci_nvme_err_invalid_sgl_excess_length(uint16_t cid) "cid %"PRIu16"" +pci_nvme_err_invalid_sgl_excess_length(uint32_t residual) "residual %"PRIu32"" pci_nvme_err_invalid_dma(void) "PRP/SGL is too small for transfer size" pci_nvme_err_invalid_prplist_ent(uint64_t prplist) "PRP list entry is not page aligned: 0x%"PRIx64"" pci_nvme_err_invalid_prp2_align(uint64_t prp2) "PRP2 is not page aligned: 0x%"PRIx64"" @@ -136,7 +150,6 @@ pci_nvme_err_zone_boundary(uint64_t slba, uint32_t nlb, uint64_t zcap) "lba 0x%" pci_nvme_err_zone_invalid_write(uint64_t slba, uint64_t wp) "lba 0x%"PRIx64" wp 0x%"PRIx64"" pci_nvme_err_zone_write_not_ok(uint64_t slba, uint32_t nlb, uint16_t status) "slba=%"PRIu64", nlb=%"PRIu32", status=0x%"PRIx16"" pci_nvme_err_zone_read_not_ok(uint64_t slba, uint32_t nlb, uint16_t status) "slba=%"PRIu64", nlb=%"PRIu32", status=0x%"PRIx16"" -pci_nvme_err_append_too_large(uint64_t slba, uint32_t nlb, uint8_t zasl) "slba=%"PRIu64", nlb=%"PRIu32", zasl=%"PRIu8"" pci_nvme_err_insuff_active_res(uint32_t max_active) "max_active=%"PRIu32" zone limit exceeded" pci_nvme_err_insuff_open_res(uint32_t max_open) "max_open=%"PRIu32" zone limit exceeded" pci_nvme_err_zd_extension_map_error(uint32_t zone_idx) "can't map descriptor extension for zone_idx=%"PRIu32"" diff --git a/hw/block/vhost-user-blk.c b/hw/block/vhost-user-blk.c index da4fbf9084..b870a50e6b 100644 --- a/hw/block/vhost-user-blk.c +++ b/hw/block/vhost-user-blk.c @@ -54,6 +54,9 @@ static void vhost_user_blk_update_config(VirtIODevice *vdev, uint8_t *config) { VHostUserBlk *s = VHOST_USER_BLK(vdev); + /* Our num_queues overrides the device backend */ + virtio_stw_p(vdev, &s->blkcfg.num_queues, s->num_queues); + memcpy(config, &s->blkcfg, sizeof(struct virtio_blk_config)); } @@ -491,10 +494,6 @@ reconnect: goto reconnect; } - if (s->blkcfg.num_queues != s->num_queues) { - s->blkcfg.num_queues = s->num_queues; - } - return; virtio_err: diff --git a/hw/char/cadence_uart.c b/hw/char/cadence_uart.c index c603e14012..ceb677bc5a 100644 --- a/hw/char/cadence_uart.c +++ b/hw/char/cadence_uart.c @@ -519,7 +519,7 @@ static void cadence_uart_realize(DeviceState *dev, Error **errp) uart_event, NULL, s, NULL, true); } -static void cadence_uart_refclk_update(void *opaque) +static void cadence_uart_refclk_update(void *opaque, ClockEvent event) { CadenceUARTState *s = opaque; @@ -537,7 +537,7 @@ static void cadence_uart_init(Object *obj) sysbus_init_irq(sbd, &s->irq); s->refclk = qdev_init_clock_in(DEVICE(obj), "refclk", - cadence_uart_refclk_update, s); + cadence_uart_refclk_update, s, ClockUpdate); /* initialize the frequency in case the clock remains unconnected */ clock_set_hz(s->refclk, UART_DEFAULT_REF_CLK); diff --git a/hw/char/ibex_uart.c b/hw/char/ibex_uart.c index 89f1182c9b..edcaa30ade 100644 --- a/hw/char/ibex_uart.c +++ b/hw/char/ibex_uart.c @@ -396,7 +396,7 @@ static void ibex_uart_write(void *opaque, hwaddr addr, } } -static void ibex_uart_clk_update(void *opaque) +static void ibex_uart_clk_update(void *opaque, ClockEvent event) { IbexUartState *s = opaque; @@ -466,7 +466,7 @@ static void ibex_uart_init(Object *obj) IbexUartState *s = IBEX_UART(obj); s->f_clk = qdev_init_clock_in(DEVICE(obj), "f_clock", - ibex_uart_clk_update, s); + ibex_uart_clk_update, s, ClockUpdate); clock_set_hz(s->f_clk, IBEX_UART_CLOCK); sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->tx_watermark); diff --git a/hw/char/pl011.c b/hw/char/pl011.c index ea4a4e5235..c5621a195f 100644 --- a/hw/char/pl011.c +++ b/hw/char/pl011.c @@ -309,7 +309,7 @@ static void pl011_event(void *opaque, QEMUChrEvent event) pl011_put_fifo(opaque, 0x400); } -static void pl011_clock_update(void *opaque) +static void pl011_clock_update(void *opaque, ClockEvent event) { PL011State *s = PL011(opaque); @@ -378,7 +378,8 @@ static void pl011_init(Object *obj) sysbus_init_irq(sbd, &s->irq[i]); } - s->clk = qdev_init_clock_in(DEVICE(obj), "clk", pl011_clock_update, s); + s->clk = qdev_init_clock_in(DEVICE(obj), "clk", pl011_clock_update, s, + ClockUpdate); s->read_trigger = 1; s->ifl = 0x12; diff --git a/hw/core/clock.c b/hw/core/clock.c index 76b5f468b6..fc5a99683f 100644 --- a/hw/core/clock.c +++ b/hw/core/clock.c @@ -39,15 +39,17 @@ Clock *clock_new(Object *parent, const char *name) return clk; } -void clock_set_callback(Clock *clk, ClockCallback *cb, void *opaque) +void clock_set_callback(Clock *clk, ClockCallback *cb, void *opaque, + unsigned int events) { clk->callback = cb; clk->callback_opaque = opaque; + clk->callback_events = events; } void clock_clear_callback(Clock *clk) { - clock_set_callback(clk, NULL, NULL); + clock_set_callback(clk, NULL, NULL, 0); } bool clock_set(Clock *clk, uint64_t period) @@ -62,18 +64,32 @@ bool clock_set(Clock *clk, uint64_t period) return true; } +static void clock_call_callback(Clock *clk, ClockEvent event) +{ + /* + * Call the Clock's callback for this event, if it has one and + * is interested in this event. + */ + if (clk->callback && (clk->callback_events & event)) { + clk->callback(clk->callback_opaque, event); + } +} + static void clock_propagate_period(Clock *clk, bool call_callbacks) { Clock *child; QLIST_FOREACH(child, &clk->children, sibling) { if (child->period != clk->period) { + if (call_callbacks) { + clock_call_callback(child, ClockPreUpdate); + } child->period = clk->period; trace_clock_update(CLOCK_PATH(child), CLOCK_PATH(clk), CLOCK_PERIOD_TO_HZ(clk->period), call_callbacks); - if (call_callbacks && child->callback) { - child->callback(child->callback_opaque); + if (call_callbacks) { + clock_call_callback(child, ClockUpdate); } clock_propagate_period(child, call_callbacks); } diff --git a/hw/core/qdev-clock.c b/hw/core/qdev-clock.c index eb05f2a13c..117f4c6ea4 100644 --- a/hw/core/qdev-clock.c +++ b/hw/core/qdev-clock.c @@ -111,7 +111,8 @@ Clock *qdev_init_clock_out(DeviceState *dev, const char *name) } Clock *qdev_init_clock_in(DeviceState *dev, const char *name, - ClockCallback *callback, void *opaque) + ClockCallback *callback, void *opaque, + unsigned int events) { NamedClockList *ncl; @@ -120,7 +121,7 @@ Clock *qdev_init_clock_in(DeviceState *dev, const char *name, ncl = qdev_init_clocklist(dev, name, false, NULL); if (callback) { - clock_set_callback(ncl->clock, callback, opaque); + clock_set_callback(ncl->clock, callback, opaque, events); } return ncl->clock; } @@ -137,7 +138,8 @@ void qdev_init_clocks(DeviceState *dev, const ClockPortInitArray clocks) if (elem->is_output) { *clkp = qdev_init_clock_out(dev, elem->name); } else { - *clkp = qdev_init_clock_in(dev, elem->name, elem->callback, dev); + *clkp = qdev_init_clock_in(dev, elem->name, elem->callback, dev, + elem->callback_events); } } } diff --git a/hw/dma/Kconfig b/hw/dma/Kconfig index 5d6be1a7a7..98fbb1bb04 100644 --- a/hw/dma/Kconfig +++ b/hw/dma/Kconfig @@ -26,3 +26,7 @@ config STP2000 config SIFIVE_PDMA bool + +config XLNX_CSU_DMA + bool + select REGISTER diff --git a/hw/dma/meson.build b/hw/dma/meson.build index 47b4a7cb47..5c78a4e05f 100644 --- a/hw/dma/meson.build +++ b/hw/dma/meson.build @@ -14,3 +14,4 @@ softmmu_ss.add(when: 'CONFIG_OMAP', if_true: files('omap_dma.c', 'soc_dma.c')) softmmu_ss.add(when: 'CONFIG_PXA2XX', if_true: files('pxa2xx_dma.c')) softmmu_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2835_dma.c')) softmmu_ss.add(when: 'CONFIG_SIFIVE_PDMA', if_true: files('sifive_pdma.c')) +softmmu_ss.add(when: 'CONFIG_XLNX_CSU_DMA', if_true: files('xlnx_csu_dma.c')) diff --git a/hw/dma/sparc32_dma.c b/hw/dma/sparc32_dma.c index b643b413c5..03bc500878 100644 --- a/hw/dma/sparc32_dma.c +++ b/hw/dma/sparc32_dma.c @@ -295,13 +295,13 @@ static void sparc32_espdma_device_init(Object *obj) memory_region_init_io(&s->iomem, OBJECT(s), &dma_mem_ops, s, "espdma-mmio", DMA_SIZE); - object_initialize_child(obj, "esp", &es->esp, TYPE_ESP); + object_initialize_child(obj, "esp", &es->esp, TYPE_SYSBUS_ESP); } static void sparc32_espdma_device_realize(DeviceState *dev, Error **errp) { ESPDMADeviceState *es = SPARC32_ESPDMA_DEVICE(dev); - SysBusESPState *sysbus = ESP(&es->esp); + SysBusESPState *sysbus = SYSBUS_ESP(&es->esp); ESPState *esp = &sysbus->esp; esp->dma_memory_read = espdma_memory_read; diff --git a/hw/dma/xlnx_csu_dma.c b/hw/dma/xlnx_csu_dma.c new file mode 100644 index 0000000000..98324dadcd --- /dev/null +++ b/hw/dma/xlnx_csu_dma.c @@ -0,0 +1,745 @@ +/* + * Xilinx Platform CSU Stream DMA emulation + * + * This implementation is based on + * https://github.com/Xilinx/qemu/blob/master/hw/dma/csu_stream_dma.c + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 or + * (at your option) version 3 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "qemu/osdep.h" +#include "qemu/log.h" +#include "qapi/error.h" +#include "hw/hw.h" +#include "hw/irq.h" +#include "hw/qdev-properties.h" +#include "hw/sysbus.h" +#include "migration/vmstate.h" +#include "sysemu/dma.h" +#include "hw/ptimer.h" +#include "hw/stream.h" +#include "hw/register.h" +#include "hw/dma/xlnx_csu_dma.h" + +/* + * Ref: UG1087 (v1.7) February 8, 2019 + * https://www.xilinx.com/html_docs/registers/ug1087/ug1087-zynq-ultrascale-registers.html + * CSUDMA Module section + */ +REG32(ADDR, 0x0) + FIELD(ADDR, ADDR, 2, 30) /* wo */ +REG32(SIZE, 0x4) + FIELD(SIZE, SIZE, 2, 27) /* wo */ + FIELD(SIZE, LAST_WORD, 0, 1) /* rw, only exists in SRC */ +REG32(STATUS, 0x8) + FIELD(STATUS, DONE_CNT, 13, 3) /* wtc */ + FIELD(STATUS, FIFO_LEVEL, 5, 8) /* ro */ + FIELD(STATUS, OUTSTANDING, 1, 4) /* ro */ + FIELD(STATUS, BUSY, 0, 1) /* ro */ +REG32(CTRL, 0xc) + FIELD(CTRL, FIFOTHRESH, 25, 7) /* rw, only exists in DST, reset 0x40 */ + FIELD(CTRL, APB_ERR_RESP, 24, 1) /* rw */ + FIELD(CTRL, ENDIANNESS, 23, 1) /* rw */ + FIELD(CTRL, AXI_BRST_TYPE, 22, 1) /* rw */ + FIELD(CTRL, TIMEOUT_VAL, 10, 12) /* rw, reset: 0xFFE */ + FIELD(CTRL, FIFO_THRESH, 2, 8) /* rw, reset: 0x80 */ + FIELD(CTRL, PAUSE_STRM, 1, 1) /* rw */ + FIELD(CTRL, PAUSE_MEM, 0, 1) /* rw */ +REG32(CRC, 0x10) +REG32(INT_STATUS, 0x14) + FIELD(INT_STATUS, FIFO_OVERFLOW, 7, 1) /* wtc */ + FIELD(INT_STATUS, INVALID_APB, 6, 1) /* wtc */ + FIELD(INT_STATUS, THRESH_HIT, 5, 1) /* wtc */ + FIELD(INT_STATUS, TIMEOUT_MEM, 4, 1) /* wtc */ + FIELD(INT_STATUS, TIMEOUT_STRM, 3, 1) /* wtc */ + FIELD(INT_STATUS, AXI_BRESP_ERR, 2, 1) /* wtc, SRC: AXI_RDERR */ + FIELD(INT_STATUS, DONE, 1, 1) /* wtc */ + FIELD(INT_STATUS, MEM_DONE, 0, 1) /* wtc */ +REG32(INT_ENABLE, 0x18) + FIELD(INT_ENABLE, FIFO_OVERFLOW, 7, 1) /* wtc */ + FIELD(INT_ENABLE, INVALID_APB, 6, 1) /* wtc */ + FIELD(INT_ENABLE, THRESH_HIT, 5, 1) /* wtc */ + FIELD(INT_ENABLE, TIMEOUT_MEM, 4, 1) /* wtc */ + FIELD(INT_ENABLE, TIMEOUT_STRM, 3, 1) /* wtc */ + FIELD(INT_ENABLE, AXI_BRESP_ERR, 2, 1) /* wtc, SRC: AXI_RDERR */ + FIELD(INT_ENABLE, DONE, 1, 1) /* wtc */ + FIELD(INT_ENABLE, MEM_DONE, 0, 1) /* wtc */ +REG32(INT_DISABLE, 0x1c) + FIELD(INT_DISABLE, FIFO_OVERFLOW, 7, 1) /* wtc */ + FIELD(INT_DISABLE, INVALID_APB, 6, 1) /* wtc */ + FIELD(INT_DISABLE, THRESH_HIT, 5, 1) /* wtc */ + FIELD(INT_DISABLE, TIMEOUT_MEM, 4, 1) /* wtc */ + FIELD(INT_DISABLE, TIMEOUT_STRM, 3, 1) /* wtc */ + FIELD(INT_DISABLE, AXI_BRESP_ERR, 2, 1) /* wtc, SRC: AXI_RDERR */ + FIELD(INT_DISABLE, DONE, 1, 1) /* wtc */ + FIELD(INT_DISABLE, MEM_DONE, 0, 1) /* wtc */ +REG32(INT_MASK, 0x20) + FIELD(INT_MASK, FIFO_OVERFLOW, 7, 1) /* ro, reset: 0x1 */ + FIELD(INT_MASK, INVALID_APB, 6, 1) /* ro, reset: 0x1 */ + FIELD(INT_MASK, THRESH_HIT, 5, 1) /* ro, reset: 0x1 */ + FIELD(INT_MASK, TIMEOUT_MEM, 4, 1) /* ro, reset: 0x1 */ + FIELD(INT_MASK, TIMEOUT_STRM, 3, 1) /* ro, reset: 0x1 */ + FIELD(INT_MASK, AXI_BRESP_ERR, 2, 1) /* ro, reset: 0x1, SRC: AXI_RDERR */ + FIELD(INT_MASK, DONE, 1, 1) /* ro, reset: 0x1 */ + FIELD(INT_MASK, MEM_DONE, 0, 1) /* ro, reset: 0x1 */ +REG32(CTRL2, 0x24) + FIELD(CTRL2, ARCACHE, 24, 3) /* rw */ + FIELD(CTRL2, ROUTE_BIT, 23, 1) /* rw */ + FIELD(CTRL2, TIMEOUT_EN, 22, 1) /* rw */ + FIELD(CTRL2, TIMEOUT_PRE, 4, 12) /* rw, reset: 0xFFF */ + FIELD(CTRL2, MAX_OUTS_CMDS, 0, 4) /* rw, reset: 0x8 */ +REG32(ADDR_MSB, 0x28) + FIELD(ADDR_MSB, ADDR_MSB, 0, 17) /* wo */ + +#define R_CTRL_TIMEOUT_VAL_RESET (0xFFE) +#define R_CTRL_FIFO_THRESH_RESET (0x80) +#define R_CTRL_FIFOTHRESH_RESET (0x40) + +#define R_CTRL2_TIMEOUT_PRE_RESET (0xFFF) +#define R_CTRL2_MAX_OUTS_CMDS_RESET (0x8) + +#define XLNX_CSU_DMA_ERR_DEBUG (0) +#define XLNX_CSU_DMA_INT_R_MASK (0xff) + +/* UG1807: Set the prescaler value for the timeout in clk (~2.5ns) cycles */ +#define XLNX_CSU_DMA_TIMER_FREQ (400 * 1000 * 1000) + +static bool xlnx_csu_dma_is_paused(XlnxCSUDMA *s) +{ + bool paused; + + paused = !!(s->regs[R_CTRL] & R_CTRL_PAUSE_STRM_MASK); + paused |= !!(s->regs[R_CTRL] & R_CTRL_PAUSE_MEM_MASK); + + return paused; +} + +static bool xlnx_csu_dma_get_eop(XlnxCSUDMA *s) +{ + return s->r_size_last_word; +} + +static bool xlnx_csu_dma_burst_is_fixed(XlnxCSUDMA *s) +{ + return !!(s->regs[R_CTRL] & R_CTRL_AXI_BRST_TYPE_MASK); +} + +static bool xlnx_csu_dma_timeout_enabled(XlnxCSUDMA *s) +{ + return !!(s->regs[R_CTRL2] & R_CTRL2_TIMEOUT_EN_MASK); +} + +static void xlnx_csu_dma_update_done_cnt(XlnxCSUDMA *s, int a) +{ + int cnt; + + /* Increase DONE_CNT */ + cnt = ARRAY_FIELD_EX32(s->regs, STATUS, DONE_CNT) + a; + ARRAY_FIELD_DP32(s->regs, STATUS, DONE_CNT, cnt); +} + +static void xlnx_csu_dma_data_process(XlnxCSUDMA *s, uint8_t *buf, uint32_t len) +{ + uint32_t bswap; + uint32_t i; + + bswap = s->regs[R_CTRL] & R_CTRL_ENDIANNESS_MASK; + if (s->is_dst && !bswap) { + /* Fast when ENDIANNESS cleared */ + return; + } + + for (i = 0; i < len; i += 4) { + uint8_t *b = &buf[i]; + union { + uint8_t u8[4]; + uint32_t u32; + } v = { + .u8 = { b[0], b[1], b[2], b[3] } + }; + + if (!s->is_dst) { + s->regs[R_CRC] += v.u32; + } + if (bswap) { + /* + * No point using bswap, we need to writeback + * into a potentially unaligned pointer. + */ + b[0] = v.u8[3]; + b[1] = v.u8[2]; + b[2] = v.u8[1]; + b[3] = v.u8[0]; + } + } +} + +static void xlnx_csu_dma_update_irq(XlnxCSUDMA *s) +{ + qemu_set_irq(s->irq, !!(s->regs[R_INT_STATUS] & ~s->regs[R_INT_MASK])); +} + +/* len is in bytes */ +static uint32_t xlnx_csu_dma_read(XlnxCSUDMA *s, uint8_t *buf, uint32_t len) +{ + hwaddr addr = (hwaddr)s->regs[R_ADDR_MSB] << 32 | s->regs[R_ADDR]; + MemTxResult result = MEMTX_OK; + + if (xlnx_csu_dma_burst_is_fixed(s)) { + uint32_t i; + + for (i = 0; i < len && (result == MEMTX_OK); i += s->width) { + uint32_t mlen = MIN(len - i, s->width); + + result = address_space_rw(s->dma_as, addr, s->attr, + buf + i, mlen, false); + } + } else { + result = address_space_rw(s->dma_as, addr, s->attr, buf, len, false); + } + + if (result == MEMTX_OK) { + xlnx_csu_dma_data_process(s, buf, len); + } else { + qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address " TARGET_FMT_plx + " for mem read", __func__, addr); + s->regs[R_INT_STATUS] |= R_INT_STATUS_AXI_BRESP_ERR_MASK; + xlnx_csu_dma_update_irq(s); + } + return len; +} + +/* len is in bytes */ +static uint32_t xlnx_csu_dma_write(XlnxCSUDMA *s, uint8_t *buf, uint32_t len) +{ + hwaddr addr = (hwaddr)s->regs[R_ADDR_MSB] << 32 | s->regs[R_ADDR]; + MemTxResult result = MEMTX_OK; + + xlnx_csu_dma_data_process(s, buf, len); + if (xlnx_csu_dma_burst_is_fixed(s)) { + uint32_t i; + + for (i = 0; i < len && (result == MEMTX_OK); i += s->width) { + uint32_t mlen = MIN(len - i, s->width); + + result = address_space_rw(s->dma_as, addr, s->attr, + buf, mlen, true); + buf += mlen; + } + } else { + result = address_space_rw(s->dma_as, addr, s->attr, buf, len, true); + } + + if (result != MEMTX_OK) { + qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address " TARGET_FMT_plx + " for mem write", __func__, addr); + s->regs[R_INT_STATUS] |= R_INT_STATUS_AXI_BRESP_ERR_MASK; + xlnx_csu_dma_update_irq(s); + } + return len; +} + +static void xlnx_csu_dma_done(XlnxCSUDMA *s) +{ + s->regs[R_STATUS] &= ~R_STATUS_BUSY_MASK; + s->regs[R_INT_STATUS] |= R_INT_STATUS_DONE_MASK; + + if (!s->is_dst) { + s->regs[R_INT_STATUS] |= R_INT_STATUS_MEM_DONE_MASK; + } + + xlnx_csu_dma_update_done_cnt(s, 1); +} + +static uint32_t xlnx_csu_dma_advance(XlnxCSUDMA *s, uint32_t len) +{ + uint32_t size = s->regs[R_SIZE]; + hwaddr dst = (hwaddr)s->regs[R_ADDR_MSB] << 32 | s->regs[R_ADDR]; + + assert(len <= size); + + size -= len; + s->regs[R_SIZE] = size; + + if (!xlnx_csu_dma_burst_is_fixed(s)) { + dst += len; + s->regs[R_ADDR] = (uint32_t) dst; + s->regs[R_ADDR_MSB] = dst >> 32; + } + + if (size == 0) { + xlnx_csu_dma_done(s); + } + + return size; +} + +static void xlnx_csu_dma_src_notify(void *opaque) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(opaque); + unsigned char buf[4 * 1024]; + size_t rlen = 0; + + ptimer_transaction_begin(s->src_timer); + /* Stop the backpreassure timer */ + ptimer_stop(s->src_timer); + + while (s->regs[R_SIZE] && !xlnx_csu_dma_is_paused(s) && + stream_can_push(s->tx_dev, xlnx_csu_dma_src_notify, s)) { + uint32_t plen = MIN(s->regs[R_SIZE], sizeof buf); + bool eop = false; + + /* Did we fit it all? */ + if (s->regs[R_SIZE] == plen && xlnx_csu_dma_get_eop(s)) { + eop = true; + } + + /* DMA transfer */ + xlnx_csu_dma_read(s, buf, plen); + rlen = stream_push(s->tx_dev, buf, plen, eop); + xlnx_csu_dma_advance(s, rlen); + } + + if (xlnx_csu_dma_timeout_enabled(s) && s->regs[R_SIZE] && + !stream_can_push(s->tx_dev, xlnx_csu_dma_src_notify, s)) { + uint32_t timeout = ARRAY_FIELD_EX32(s->regs, CTRL, TIMEOUT_VAL); + uint32_t div = ARRAY_FIELD_EX32(s->regs, CTRL2, TIMEOUT_PRE) + 1; + uint32_t freq = XLNX_CSU_DMA_TIMER_FREQ; + + freq /= div; + ptimer_set_freq(s->src_timer, freq); + ptimer_set_count(s->src_timer, timeout); + ptimer_run(s->src_timer, 1); + } + + ptimer_transaction_commit(s->src_timer); + xlnx_csu_dma_update_irq(s); +} + +static uint64_t addr_pre_write(RegisterInfo *reg, uint64_t val) +{ + /* Address is word aligned */ + return val & R_ADDR_ADDR_MASK; +} + +static uint64_t size_pre_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + if (s->regs[R_SIZE] != 0) { + qemu_log_mask(LOG_GUEST_ERROR, + "%s: Starting DMA while already running.\n", __func__); + } + + if (!s->is_dst) { + s->r_size_last_word = !!(val & R_SIZE_LAST_WORD_MASK); + } + + /* Size is word aligned */ + return val & R_SIZE_SIZE_MASK; +} + +static uint64_t size_post_read(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + return val | s->r_size_last_word; +} + +static void size_post_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + s->regs[R_STATUS] |= R_STATUS_BUSY_MASK; + + /* + * Note that if SIZE is programmed to 0, and the DMA is started, + * the interrupts DONE and MEM_DONE will be asserted. + */ + if (s->regs[R_SIZE] == 0) { + xlnx_csu_dma_done(s); + xlnx_csu_dma_update_irq(s); + return; + } + + /* Set SIZE is considered the last step in transfer configuration */ + if (!s->is_dst) { + xlnx_csu_dma_src_notify(s); + } else { + if (s->notify) { + s->notify(s->notify_opaque); + } + } +} + +static uint64_t status_pre_write(RegisterInfo *reg, uint64_t val) +{ + return val & (R_STATUS_DONE_CNT_MASK | R_STATUS_BUSY_MASK); +} + +static void ctrl_post_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + if (!s->is_dst) { + if (!xlnx_csu_dma_is_paused(s)) { + xlnx_csu_dma_src_notify(s); + } + } else { + if (!xlnx_csu_dma_is_paused(s) && s->notify) { + s->notify(s->notify_opaque); + } + } +} + +static uint64_t int_status_pre_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + /* DMA counter decrements when flag 'DONE' is cleared */ + if ((val & s->regs[R_INT_STATUS] & R_INT_STATUS_DONE_MASK)) { + xlnx_csu_dma_update_done_cnt(s, -1); + } + + return s->regs[R_INT_STATUS] & ~val; +} + +static void int_status_post_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + xlnx_csu_dma_update_irq(s); +} + +static uint64_t int_enable_pre_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + uint32_t v32 = val; + + /* + * R_INT_ENABLE doesn't have its own state. + * It is used to indirectly modify R_INT_MASK. + * + * 1: Enable this interrupt field (the mask bit will be cleared to 0) + * 0: No effect + */ + s->regs[R_INT_MASK] &= ~v32; + return 0; +} + +static void int_enable_post_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + xlnx_csu_dma_update_irq(s); +} + +static uint64_t int_disable_pre_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + uint32_t v32 = val; + + /* + * R_INT_DISABLE doesn't have its own state. + * It is used to indirectly modify R_INT_MASK. + * + * 1: Disable this interrupt field (the mask bit will be set to 1) + * 0: No effect + */ + s->regs[R_INT_MASK] |= v32; + return 0; +} + +static void int_disable_post_write(RegisterInfo *reg, uint64_t val) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(reg->opaque); + + xlnx_csu_dma_update_irq(s); +} + +static uint64_t addr_msb_pre_write(RegisterInfo *reg, uint64_t val) +{ + return val & R_ADDR_MSB_ADDR_MSB_MASK; +} + +static const RegisterAccessInfo *xlnx_csu_dma_regs_info[] = { +#define DMACH_REGINFO(NAME, snd) \ + (const RegisterAccessInfo []) { \ + { \ + .name = #NAME "_ADDR", \ + .addr = A_ADDR, \ + .pre_write = addr_pre_write \ + }, { \ + .name = #NAME "_SIZE", \ + .addr = A_SIZE, \ + .pre_write = size_pre_write, \ + .post_write = size_post_write, \ + .post_read = size_post_read \ + }, { \ + .name = #NAME "_STATUS", \ + .addr = A_STATUS, \ + .pre_write = status_pre_write, \ + .w1c = R_STATUS_DONE_CNT_MASK, \ + .ro = (R_STATUS_BUSY_MASK \ + | R_STATUS_FIFO_LEVEL_MASK \ + | R_STATUS_OUTSTANDING_MASK) \ + }, { \ + .name = #NAME "_CTRL", \ + .addr = A_CTRL, \ + .post_write = ctrl_post_write, \ + .reset = ((R_CTRL_TIMEOUT_VAL_RESET << R_CTRL_TIMEOUT_VAL_SHIFT) \ + | (R_CTRL_FIFO_THRESH_RESET << R_CTRL_FIFO_THRESH_SHIFT)\ + | (snd ? 0 : R_CTRL_FIFOTHRESH_RESET \ + << R_CTRL_FIFOTHRESH_SHIFT)) \ + }, { \ + .name = #NAME "_CRC", \ + .addr = A_CRC, \ + }, { \ + .name = #NAME "_INT_STATUS", \ + .addr = A_INT_STATUS, \ + .pre_write = int_status_pre_write, \ + .post_write = int_status_post_write \ + }, { \ + .name = #NAME "_INT_ENABLE", \ + .addr = A_INT_ENABLE, \ + .pre_write = int_enable_pre_write, \ + .post_write = int_enable_post_write \ + }, { \ + .name = #NAME "_INT_DISABLE", \ + .addr = A_INT_DISABLE, \ + .pre_write = int_disable_pre_write, \ + .post_write = int_disable_post_write \ + }, { \ + .name = #NAME "_INT_MASK", \ + .addr = A_INT_MASK, \ + .ro = ~0, \ + .reset = XLNX_CSU_DMA_INT_R_MASK \ + }, { \ + .name = #NAME "_CTRL2", \ + .addr = A_CTRL2, \ + .reset = ((R_CTRL2_TIMEOUT_PRE_RESET \ + << R_CTRL2_TIMEOUT_PRE_SHIFT) \ + | (R_CTRL2_MAX_OUTS_CMDS_RESET \ + << R_CTRL2_MAX_OUTS_CMDS_SHIFT)) \ + }, { \ + .name = #NAME "_ADDR_MSB", \ + .addr = A_ADDR_MSB, \ + .pre_write = addr_msb_pre_write \ + } \ + } + + DMACH_REGINFO(DMA_SRC, true), + DMACH_REGINFO(DMA_DST, false) +}; + +static const MemoryRegionOps xlnx_csu_dma_ops = { + .read = register_read_memory, + .write = register_write_memory, + .endianness = DEVICE_LITTLE_ENDIAN, + .valid = { + .min_access_size = 4, + .max_access_size = 4, + } +}; + +static void xlnx_csu_dma_src_timeout_hit(void *opaque) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(opaque); + + /* Ignore if the timeout is masked */ + if (!xlnx_csu_dma_timeout_enabled(s)) { + return; + } + + s->regs[R_INT_STATUS] |= R_INT_STATUS_TIMEOUT_STRM_MASK; + xlnx_csu_dma_update_irq(s); +} + +static size_t xlnx_csu_dma_stream_push(StreamSink *obj, uint8_t *buf, + size_t len, bool eop) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(obj); + uint32_t size = s->regs[R_SIZE]; + uint32_t mlen = MIN(size, len) & (~3); /* Size is word aligned */ + + /* Be called when it's DST */ + assert(s->is_dst); + + if (size == 0 || len <= 0) { + return 0; + } + + if (len && (xlnx_csu_dma_is_paused(s) || mlen == 0)) { + qemu_log_mask(LOG_GUEST_ERROR, + "csu-dma: DST channel dropping %zd b of data.\n", len); + s->regs[R_INT_STATUS] |= R_INT_STATUS_FIFO_OVERFLOW_MASK; + return len; + } + + if (xlnx_csu_dma_write(s, buf, mlen) != mlen) { + return 0; + } + + xlnx_csu_dma_advance(s, mlen); + xlnx_csu_dma_update_irq(s); + + return mlen; +} + +static bool xlnx_csu_dma_stream_can_push(StreamSink *obj, + StreamCanPushNotifyFn notify, + void *notify_opaque) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(obj); + + if (s->regs[R_SIZE] != 0) { + return true; + } else { + s->notify = notify; + s->notify_opaque = notify_opaque; + return false; + } +} + +static void xlnx_csu_dma_reset(DeviceState *dev) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(dev); + unsigned int i; + + for (i = 0; i < ARRAY_SIZE(s->regs_info); ++i) { + register_reset(&s->regs_info[i]); + } +} + +static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(dev); + RegisterInfoArray *reg_array; + + reg_array = + register_init_block32(dev, xlnx_csu_dma_regs_info[!!s->is_dst], + XLNX_CSU_DMA_R_MAX, + s->regs_info, s->regs, + &xlnx_csu_dma_ops, + XLNX_CSU_DMA_ERR_DEBUG, + XLNX_CSU_DMA_R_MAX * 4); + memory_region_add_subregion(&s->iomem, + 0x0, + ®_array->mem); + + sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->iomem); + sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->irq); + + if (!s->is_dst && !s->tx_dev) { + error_setg(errp, "zynqmp.csu-dma: Stream not connected"); + return; + } + + s->src_timer = ptimer_init(xlnx_csu_dma_src_timeout_hit, + s, PTIMER_POLICY_DEFAULT); + + if (s->dma_mr) { + s->dma_as = g_malloc0(sizeof(AddressSpace)); + address_space_init(s->dma_as, s->dma_mr, NULL); + } else { + s->dma_as = &address_space_memory; + } + + s->attr = MEMTXATTRS_UNSPECIFIED; + + s->r_size_last_word = 0; +} + +static const VMStateDescription vmstate_xlnx_csu_dma = { + .name = TYPE_XLNX_CSU_DMA, + .version_id = 0, + .minimum_version_id = 0, + .minimum_version_id_old = 0, + .fields = (VMStateField[]) { + VMSTATE_PTIMER(src_timer, XlnxCSUDMA), + VMSTATE_UINT16(width, XlnxCSUDMA), + VMSTATE_BOOL(is_dst, XlnxCSUDMA), + VMSTATE_BOOL(r_size_last_word, XlnxCSUDMA), + VMSTATE_UINT32_ARRAY(regs, XlnxCSUDMA, XLNX_CSU_DMA_R_MAX), + VMSTATE_END_OF_LIST(), + } +}; + +static Property xlnx_csu_dma_properties[] = { + /* + * Ref PG021, Stream Data Width: + * Data width in bits of the AXI S2MM AXI4-Stream Data bus. + * This value must be equal or less than the Memory Map Data Width. + * Valid values are 8, 16, 32, 64, 128, 512 and 1024. + * "dma-width" is the byte value of the "Stream Data Width". + */ + DEFINE_PROP_UINT16("dma-width", XlnxCSUDMA, width, 4), + /* + * The CSU DMA is a two-channel, simple DMA, allowing separate control of + * the SRC (read) channel and DST (write) channel. "is-dst" is used to mark + * which channel the device is connected to. + */ + DEFINE_PROP_BOOL("is-dst", XlnxCSUDMA, is_dst, true), + DEFINE_PROP_END_OF_LIST(), +}; + +static void xlnx_csu_dma_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + StreamSinkClass *ssc = STREAM_SINK_CLASS(klass); + + dc->reset = xlnx_csu_dma_reset; + dc->realize = xlnx_csu_dma_realize; + dc->vmsd = &vmstate_xlnx_csu_dma; + device_class_set_props(dc, xlnx_csu_dma_properties); + + ssc->push = xlnx_csu_dma_stream_push; + ssc->can_push = xlnx_csu_dma_stream_can_push; +} + +static void xlnx_csu_dma_init(Object *obj) +{ + XlnxCSUDMA *s = XLNX_CSU_DMA(obj); + + memory_region_init(&s->iomem, obj, TYPE_XLNX_CSU_DMA, + XLNX_CSU_DMA_R_MAX * 4); + + object_property_add_link(obj, "stream-connected-dma", TYPE_STREAM_SINK, + (Object **)&s->tx_dev, + qdev_prop_allow_set_link_before_realize, + OBJ_PROP_LINK_STRONG); + object_property_add_link(obj, "dma", TYPE_MEMORY_REGION, + (Object **)&s->dma_mr, + qdev_prop_allow_set_link_before_realize, + OBJ_PROP_LINK_STRONG); +} + +static const TypeInfo xlnx_csu_dma_info = { + .name = TYPE_XLNX_CSU_DMA, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(XlnxCSUDMA), + .class_init = xlnx_csu_dma_class_init, + .instance_init = xlnx_csu_dma_init, + .interfaces = (InterfaceInfo[]) { + { TYPE_STREAM_SINK }, + { } + } +}; + +static void xlnx_csu_dma_register_types(void) +{ + type_register_static(&xlnx_csu_dma_info); +} + +type_init(xlnx_csu_dma_register_types) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 8aa85dec54..410db9ef96 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -58,7 +58,6 @@ #include "sysemu/numa.h" #include "sysemu/kvm.h" #include "sysemu/xen.h" -#include "sysemu/qtest.h" #include "sysemu/reset.h" #include "sysemu/runstate.h" #include "kvm/kvm_i386.h" diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c index d4eca46767..4d2e866eec 100644 --- a/hw/m68k/q800.c +++ b/hw/m68k/q800.c @@ -350,8 +350,8 @@ static void q800_init(MachineState *machine) /* SCSI */ - dev = qdev_new(TYPE_ESP); - sysbus_esp = ESP(dev); + dev = qdev_new(TYPE_SYSBUS_ESP); + sysbus_esp = SYSBUS_ESP(dev); esp = &sysbus_esp->esp; esp->dma_memory_read = NULL; esp->dma_memory_write = NULL; diff --git a/hw/mips/cps.c b/hw/mips/cps.c index 7a0d289efa..2b436700ce 100644 --- a/hw/mips/cps.c +++ b/hw/mips/cps.c @@ -39,7 +39,7 @@ static void mips_cps_init(Object *obj) SysBusDevice *sbd = SYS_BUS_DEVICE(obj); MIPSCPSState *s = MIPS_CPS(obj); - s->clock = qdev_init_clock_in(DEVICE(obj), "clk-in", NULL, NULL); + s->clock = qdev_init_clock_in(DEVICE(obj), "clk-in", NULL, NULL, 0); /* * Cover entire address space as there do not seem to be any * constraints for the base address of CPC and GIC. diff --git a/hw/mips/jazz.c b/hw/mips/jazz.c index 83c8086062..1a0888a0fd 100644 --- a/hw/mips/jazz.c +++ b/hw/mips/jazz.c @@ -328,8 +328,8 @@ static void mips_jazz_init(MachineState *machine, } /* SCSI adapter */ - dev = qdev_new(TYPE_ESP); - sysbus_esp = ESP(dev); + dev = qdev_new(TYPE_SYSBUS_ESP); + sysbus_esp = SYSBUS_ESP(dev); esp = &sysbus_esp->esp; esp->dma_memory_read = rc4030_dma_read; esp->dma_memory_write = rc4030_dma_write; diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig index 19c216f3ef..5426b9b1a1 100644 --- a/hw/misc/Kconfig +++ b/hw/misc/Kconfig @@ -2,6 +2,15 @@ config APPLESMC bool depends on ISA_BUS +config ARMSSE_CPUID + bool + +config ARMSSE_MHU + bool + +config ARMSSE_CPU_PWRCTRL + bool + config MAX111X bool diff --git a/hw/misc/armsse-cpu-pwrctrl.c b/hw/misc/armsse-cpu-pwrctrl.c new file mode 100644 index 0000000000..42fc38879f --- /dev/null +++ b/hw/misc/armsse-cpu-pwrctrl.c @@ -0,0 +1,149 @@ +/* + * Arm SSE CPU PWRCTRL register block + * + * Copyright (c) 2021 Linaro Limited + * Written by Peter Maydell + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 or + * (at your option) any later version. + */ + +/* + * This is a model of the "CPU<N>_PWRCTRL block" which is part of the + * Arm Corstone SSE-300 Example Subsystem and documented in + * https://developer.arm.com/documentation/101773/0000 + */ + +#include "qemu/osdep.h" +#include "qemu/log.h" +#include "qemu/module.h" +#include "trace.h" +#include "qapi/error.h" +#include "migration/vmstate.h" +#include "hw/sysbus.h" +#include "hw/registerfields.h" +#include "hw/misc/armsse-cpu-pwrctrl.h" + +REG32(CPUPWRCFG, 0x0) +REG32(PID4, 0xfd0) +REG32(PID5, 0xfd4) +REG32(PID6, 0xfd8) +REG32(PID7, 0xfdc) +REG32(PID0, 0xfe0) +REG32(PID1, 0xfe4) +REG32(PID2, 0xfe8) +REG32(PID3, 0xfec) +REG32(CID0, 0xff0) +REG32(CID1, 0xff4) +REG32(CID2, 0xff8) +REG32(CID3, 0xffc) + +/* PID/CID values */ +static const int cpu_pwrctrl_id[] = { + 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ + 0x5a, 0xb8, 0x0b, 0x00, /* PID0..PID3 */ + 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ +}; + +static uint64_t pwrctrl_read(void *opaque, hwaddr offset, unsigned size) +{ + ARMSSECPUPwrCtrl *s = ARMSSE_CPU_PWRCTRL(opaque); + uint64_t r; + + switch (offset) { + case A_CPUPWRCFG: + r = s->cpupwrcfg; + break; + case A_PID4 ... A_CID3: + r = cpu_pwrctrl_id[(offset - A_PID4) / 4]; + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE CPU_PWRCTRL read: bad offset %x\n", (int)offset); + r = 0; + break; + } + trace_armsse_cpu_pwrctrl_read(offset, r, size); + return r; +} + +static void pwrctrl_write(void *opaque, hwaddr offset, + uint64_t value, unsigned size) +{ + ARMSSECPUPwrCtrl *s = ARMSSE_CPU_PWRCTRL(opaque); + + trace_armsse_cpu_pwrctrl_write(offset, value, size); + + switch (offset) { + case A_CPUPWRCFG: + qemu_log_mask(LOG_UNIMP, + "SSE CPU_PWRCTRL: CPUPWRCFG unimplemented\n"); + s->cpupwrcfg = value; + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE CPU_PWRCTRL write: bad offset 0x%x\n", (int)offset); + break; + } +} + +static const MemoryRegionOps pwrctrl_ops = { + .read = pwrctrl_read, + .write = pwrctrl_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .impl.min_access_size = 4, + .impl.max_access_size = 4, + .valid.min_access_size = 4, + .valid.max_access_size = 4, +}; + +static void pwrctrl_reset(DeviceState *dev) +{ + ARMSSECPUPwrCtrl *s = ARMSSE_CPU_PWRCTRL(dev); + + s->cpupwrcfg = 0; +} + +static const VMStateDescription pwrctrl_vmstate = { + .name = "armsse-cpu-pwrctrl", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_UINT32(cpupwrcfg, ARMSSECPUPwrCtrl), + VMSTATE_END_OF_LIST() + }, +}; + +static void pwrctrl_init(Object *obj) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + ARMSSECPUPwrCtrl *s = ARMSSE_CPU_PWRCTRL(obj); + + memory_region_init_io(&s->iomem, obj, &pwrctrl_ops, + s, "armsse-cpu-pwrctrl", 0x1000); + sysbus_init_mmio(sbd, &s->iomem); +} + +static void pwrctrl_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->reset = pwrctrl_reset; + dc->vmsd = &pwrctrl_vmstate; +} + +static const TypeInfo pwrctrl_info = { + .name = TYPE_ARMSSE_CPU_PWRCTRL, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(ARMSSECPUPwrCtrl), + .instance_init = pwrctrl_init, + .class_init = pwrctrl_class_init, +}; + +static void pwrctrl_register_types(void) +{ + type_register_static(&pwrctrl_info); +} + +type_init(pwrctrl_register_types); diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c index 7e415a017c..75e6c574d4 100644 --- a/hw/misc/bcm2835_cprman.c +++ b/hw/misc/bcm2835_cprman.c @@ -107,7 +107,7 @@ static void pll_update(CprmanPllState *pll) clock_update_hz(pll->out, freq); } -static void pll_xosc_update(void *opaque) +static void pll_xosc_update(void *opaque, ClockEvent event) { pll_update(CPRMAN_PLL(opaque)); } @@ -116,7 +116,8 @@ static void pll_init(Object *obj) { CprmanPllState *s = CPRMAN_PLL(obj); - s->xosc_in = qdev_init_clock_in(DEVICE(s), "xosc-in", pll_xosc_update, s); + s->xosc_in = qdev_init_clock_in(DEVICE(s), "xosc-in", pll_xosc_update, + s, ClockUpdate); s->out = qdev_init_clock_out(DEVICE(s), "out"); } @@ -209,7 +210,7 @@ static void pll_update_all_channels(BCM2835CprmanState *s, } } -static void pll_channel_pll_in_update(void *opaque) +static void pll_channel_pll_in_update(void *opaque, ClockEvent event) { pll_channel_update(CPRMAN_PLL_CHANNEL(opaque)); } @@ -219,7 +220,8 @@ static void pll_channel_init(Object *obj) CprmanPllChannelState *s = CPRMAN_PLL_CHANNEL(obj); s->pll_in = qdev_init_clock_in(DEVICE(s), "pll-in", - pll_channel_pll_in_update, s); + pll_channel_pll_in_update, s, + ClockUpdate); s->out = qdev_init_clock_out(DEVICE(s), "out"); } @@ -303,7 +305,7 @@ static void clock_mux_update(CprmanClockMuxState *mux) clock_update_hz(mux->out, freq); } -static void clock_mux_src_update(void *opaque) +static void clock_mux_src_update(void *opaque, ClockEvent event) { CprmanClockMuxState **backref = opaque; CprmanClockMuxState *s = *backref; @@ -335,7 +337,8 @@ static void clock_mux_init(Object *obj) s->backref[i] = s; s->srcs[i] = qdev_init_clock_in(DEVICE(s), name, clock_mux_src_update, - &s->backref[i]); + &s->backref[i], + ClockUpdate); g_free(name); } @@ -380,7 +383,7 @@ static void dsi0hsck_mux_update(CprmanDsi0HsckMuxState *s) clock_update(s->out, clock_get(src)); } -static void dsi0hsck_mux_in_update(void *opaque) +static void dsi0hsck_mux_in_update(void *opaque, ClockEvent event) { dsi0hsck_mux_update(CPRMAN_DSI0HSCK_MUX(opaque)); } @@ -390,8 +393,10 @@ static void dsi0hsck_mux_init(Object *obj) CprmanDsi0HsckMuxState *s = CPRMAN_DSI0HSCK_MUX(obj); DeviceState *dev = DEVICE(obj); - s->plla_in = qdev_init_clock_in(dev, "plla-in", dsi0hsck_mux_in_update, s); - s->plld_in = qdev_init_clock_in(dev, "plld-in", dsi0hsck_mux_in_update, s); + s->plla_in = qdev_init_clock_in(dev, "plla-in", dsi0hsck_mux_in_update, + s, ClockUpdate); + s->plld_in = qdev_init_clock_in(dev, "plld-in", dsi0hsck_mux_in_update, + s, ClockUpdate); s->out = qdev_init_clock_out(DEVICE(s), "out"); } diff --git a/hw/misc/iotkit-secctl.c b/hw/misc/iotkit-secctl.c index 9fdb82056a..7b41cfa8fc 100644 --- a/hw/misc/iotkit-secctl.c +++ b/hw/misc/iotkit-secctl.c @@ -19,6 +19,8 @@ #include "hw/registerfields.h" #include "hw/irq.h" #include "hw/misc/iotkit-secctl.h" +#include "hw/arm/armsse-version.h" +#include "hw/qdev-properties.h" /* Registers in the secure privilege control block */ REG32(SECRESPCFG, 0x10) @@ -95,6 +97,19 @@ static const uint8_t iotkit_secctl_ns_idregs[] = { 0x0d, 0xf0, 0x05, 0xb1, }; +static const uint8_t iotkit_secctl_s_sse300_idregs[] = { + 0x04, 0x00, 0x00, 0x00, + 0x52, 0xb8, 0x2b, 0x00, + 0x0d, 0xf0, 0x05, 0xb1, +}; + +static const uint8_t iotkit_secctl_ns_sse300_idregs[] = { + 0x04, 0x00, 0x00, 0x00, + 0x53, 0xb8, 0x2b, 0x00, + 0x0d, 0xf0, 0x05, 0xb1, +}; + + /* The register sets for the various PPCs (AHB internal, APB internal, * AHB expansion, APB expansion) are all set up so that they are * in 16-aligned blocks so offsets 0xN0, 0xN4, 0xN8, 0xNC are PPCs @@ -213,7 +228,14 @@ static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr, case A_CID1: case A_CID2: case A_CID3: - r = iotkit_secctl_s_idregs[(offset - A_PID4) / 4]; + switch (s->sse_version) { + case ARMSSE_SSE300: + r = iotkit_secctl_s_sse300_idregs[(offset - A_PID4) / 4]; + break; + default: + r = iotkit_secctl_s_idregs[(offset - A_PID4) / 4]; + break; + } break; case A_SECPPCINTCLR: case A_SECMSCINTCLR: @@ -473,7 +495,14 @@ static MemTxResult iotkit_secctl_ns_read(void *opaque, hwaddr addr, case A_CID1: case A_CID2: case A_CID3: - r = iotkit_secctl_ns_idregs[(offset - A_PID4) / 4]; + switch (s->sse_version) { + case ARMSSE_SSE300: + r = iotkit_secctl_ns_sse300_idregs[(offset - A_PID4) / 4]; + break; + default: + r = iotkit_secctl_ns_idregs[(offset - A_PID4) / 4]; + break; + } break; default: qemu_log_mask(LOG_GUEST_ERROR, @@ -710,6 +739,16 @@ static void iotkit_secctl_init(Object *obj) sysbus_init_mmio(sbd, &s->ns_regs); } +static void iotkit_secctl_realize(DeviceState *dev, Error **errp) +{ + IoTKitSecCtl *s = IOTKIT_SECCTL(dev); + + if (!armsse_version_valid(s->sse_version)) { + error_setg(errp, "invalid sse-version value %d", s->sse_version); + return; + } +} + static const VMStateDescription iotkit_secctl_ppc_vmstate = { .name = "iotkit-secctl-ppc", .version_id = 1, @@ -775,12 +814,19 @@ static const VMStateDescription iotkit_secctl_vmstate = { }, }; +static Property iotkit_secctl_props[] = { + DEFINE_PROP_UINT32("sse-version", IoTKitSecCtl, sse_version, 0), + DEFINE_PROP_END_OF_LIST() +}; + static void iotkit_secctl_class_init(ObjectClass *klass, void *data) { DeviceClass *dc = DEVICE_CLASS(klass); dc->vmsd = &iotkit_secctl_vmstate; dc->reset = iotkit_secctl_reset; + dc->realize = iotkit_secctl_realize; + device_class_set_props(dc, iotkit_secctl_props); } static const TypeInfo iotkit_secctl_info = { diff --git a/hw/misc/iotkit-sysctl.c b/hw/misc/iotkit-sysctl.c index 222511c4b0..9ee8fe8495 100644 --- a/hw/misc/iotkit-sysctl.c +++ b/hw/misc/iotkit-sysctl.c @@ -28,6 +28,7 @@ #include "hw/registerfields.h" #include "hw/misc/iotkit-sysctl.h" #include "hw/qdev-properties.h" +#include "hw/arm/armsse-version.h" #include "target/arm/arm-powerctl.h" #include "target/arm/cpu.h" @@ -44,16 +45,22 @@ REG32(SWRESET, 0x108) FIELD(SWRESET, SWRESETREQ, 9, 1) REG32(GRETREG, 0x10c) REG32(INITSVTOR0, 0x110) + FIELD(INITSVTOR0, LOCK, 0, 1) + FIELD(INITSVTOR0, VTOR, 7, 25) REG32(INITSVTOR1, 0x114) REG32(CPUWAIT, 0x118) REG32(NMI_ENABLE, 0x11c) /* BUSWAIT in IoTKit */ REG32(WICCTRL, 0x120) REG32(EWCTRL, 0x124) +REG32(PWRCTRL, 0x1fc) + FIELD(PWRCTRL, PPU_ACCESS_UNLOCK, 0, 1) + FIELD(PWRCTRL, PPU_ACCESS_FILTER, 1, 1) REG32(PDCM_PD_SYS_SENSE, 0x200) +REG32(PDCM_PD_CPU0_SENSE, 0x204) REG32(PDCM_PD_SRAM0_SENSE, 0x20c) REG32(PDCM_PD_SRAM1_SENSE, 0x210) -REG32(PDCM_PD_SRAM2_SENSE, 0x214) -REG32(PDCM_PD_SRAM3_SENSE, 0x218) +REG32(PDCM_PD_SRAM2_SENSE, 0x214) /* PDCM_PD_VMR0_SENSE on SSE300 */ +REG32(PDCM_PD_SRAM3_SENSE, 0x218) /* PDCM_PD_VMR1_SENSE on SSE300 */ REG32(PID4, 0xfd0) REG32(PID5, 0xfd4) REG32(PID6, 0xfd8) @@ -68,12 +75,19 @@ REG32(CID2, 0xff8) REG32(CID3, 0xffc) /* PID/CID values */ -static const int sysctl_id[] = { +static const int iotkit_sysctl_id[] = { 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ 0x54, 0xb8, 0x0b, 0x00, /* PID0..PID3 */ 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ }; +/* Also used by the SSE300 */ +static const int sse200_sysctl_id[] = { + 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ + 0x54, 0xb8, 0x1b, 0x00, /* PID0..PID3 */ + 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ +}; + /* * Set the initial secure vector table offset address for the core. * This will take effect when the CPU next resets. @@ -100,28 +114,52 @@ static uint64_t iotkit_sysctl_read(void *opaque, hwaddr offset, r = s->secure_debug; break; case A_SCSECCTRL: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + r = s->scsecctrl; + break; + default: + g_assert_not_reached(); } - r = s->scsecctrl; break; case A_FCLK_DIV: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + r = s->fclk_div; + break; + default: + g_assert_not_reached(); } - r = s->fclk_div; break; case A_SYSCLK_DIV: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + r = s->sysclk_div; + break; + default: + g_assert_not_reached(); } - r = s->sysclk_div; break; case A_CLOCK_FORCE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + r = s->clock_force; + break; + default: + g_assert_not_reached(); } - r = s->clock_force; break; case A_RESET_SYNDROME: r = s->reset_syndrome; @@ -136,63 +174,178 @@ static uint64_t iotkit_sysctl_read(void *opaque, hwaddr offset, r = s->initsvtor0; break; case A_INITSVTOR1: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: + goto bad_offset; + case ARMSSE_SSE200: + r = s->initsvtor1; + break; + case ARMSSE_SSE300: goto bad_offset; + default: + g_assert_not_reached(); } - r = s->initsvtor1; break; case A_CPUWAIT: - r = s->cpuwait; + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + r = s->cpuwait; + break; + case ARMSSE_SSE300: + /* In SSE300 this is reserved (for INITSVTOR2) */ + goto bad_offset; + default: + g_assert_not_reached(); + } break; case A_NMI_ENABLE: - /* In IoTKit this is named BUSWAIT but is marked reserved, R/O, zero */ - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: + /* In IoTKit this is named BUSWAIT but marked reserved, R/O, zero */ r = 0; break; + case ARMSSE_SSE200: + r = s->nmi_enable; + break; + case ARMSSE_SSE300: + /* In SSE300 this is reserved (for INITSVTOR3) */ + goto bad_offset; + default: + g_assert_not_reached(); } - r = s->nmi_enable; break; case A_WICCTRL: - r = s->wicctrl; + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + r = s->wicctrl; + break; + case ARMSSE_SSE300: + /* In SSE300 this offset is CPUWAIT */ + r = s->cpuwait; + break; + default: + g_assert_not_reached(); + } break; case A_EWCTRL: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + r = s->ewctrl; + break; + case ARMSSE_SSE300: + /* In SSE300 this offset is is NMI_ENABLE */ + r = s->nmi_enable; + break; + default: + g_assert_not_reached(); + } + break; + case A_PWRCTRL: + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + goto bad_offset; + case ARMSSE_SSE300: + r = s->pwrctrl; + break; + default: + g_assert_not_reached(); } - r = s->ewctrl; break; case A_PDCM_PD_SYS_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + r = s->pdcm_pd_sys_sense; + break; + default: + g_assert_not_reached(); + } + break; + case A_PDCM_PD_CPU0_SENSE: + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + goto bad_offset; + case ARMSSE_SSE300: + r = s->pdcm_pd_cpu0_sense; + break; + default: + g_assert_not_reached(); } - r = s->pdcm_pd_sys_sense; break; case A_PDCM_PD_SRAM0_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + r = s->pdcm_pd_sram0_sense; + break; + case ARMSSE_SSE300: + goto bad_offset; + default: + g_assert_not_reached(); } - r = s->pdcm_pd_sram0_sense; break; case A_PDCM_PD_SRAM1_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: + goto bad_offset; + case ARMSSE_SSE200: + r = s->pdcm_pd_sram1_sense; + break; + case ARMSSE_SSE300: goto bad_offset; + default: + g_assert_not_reached(); } - r = s->pdcm_pd_sram1_sense; break; case A_PDCM_PD_SRAM2_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + r = s->pdcm_pd_sram2_sense; + break; + case ARMSSE_SSE300: + r = s->pdcm_pd_vmr0_sense; + break; + default: + g_assert_not_reached(); } - r = s->pdcm_pd_sram2_sense; break; case A_PDCM_PD_SRAM3_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + r = s->pdcm_pd_sram3_sense; + break; + case ARMSSE_SSE300: + r = s->pdcm_pd_vmr1_sense; + break; + default: + g_assert_not_reached(); } - r = s->pdcm_pd_sram3_sense; break; case A_PID4 ... A_CID3: - r = sysctl_id[(offset - A_PID4) / 4]; + switch (s->sse_version) { + case ARMSSE_IOTKIT: + r = iotkit_sysctl_id[(offset - A_PID4) / 4]; + break; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + r = sse200_sysctl_id[(offset - A_PID4) / 4]; + break; + default: + g_assert_not_reached(); + } break; case A_SECDBGSET: case A_SECDBGCLR: @@ -213,6 +366,21 @@ static uint64_t iotkit_sysctl_read(void *opaque, hwaddr offset, return r; } +static void cpuwait_write(IoTKitSysCtl *s, uint32_t value) +{ + int num_cpus = (s->sse_version == ARMSSE_SSE300) ? 1 : 2; + int i; + + for (i = 0; i < num_cpus; i++) { + uint32_t mask = 1 << i; + if ((s->cpuwait & mask) && !(value & mask)) { + /* Powering up CPU 0 */ + arm_set_cpu_on_and_reset(i); + } + } + s->cpuwait = value; +} + static void iotkit_sysctl_write(void *opaque, hwaddr offset, uint64_t value, unsigned size) { @@ -249,23 +417,53 @@ static void iotkit_sysctl_write(void *opaque, hwaddr offset, s->gretreg = value; break; case A_INITSVTOR0: - s->initsvtor0 = value; - set_init_vtor(0, s->initsvtor0); + switch (s->sse_version) { + case ARMSSE_SSE300: + /* SSE300 has a LOCK bit which prevents further writes when set */ + if (s->initsvtor0 & R_INITSVTOR0_LOCK_MASK) { + qemu_log_mask(LOG_GUEST_ERROR, + "IoTKit INITSVTOR0 write when register locked\n"); + break; + } + s->initsvtor0 = value; + set_init_vtor(0, s->initsvtor0 & R_INITSVTOR0_VTOR_MASK); + break; + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + s->initsvtor0 = value; + set_init_vtor(0, s->initsvtor0); + break; + default: + g_assert_not_reached(); + } break; case A_CPUWAIT: - if ((s->cpuwait & 1) && !(value & 1)) { - /* Powering up CPU 0 */ - arm_set_cpu_on_and_reset(0); - } - if ((s->cpuwait & 2) && !(value & 2)) { - /* Powering up CPU 1 */ - arm_set_cpu_on_and_reset(1); + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + cpuwait_write(s, value); + break; + case ARMSSE_SSE300: + /* In SSE300 this is reserved (for INITSVTOR2) */ + goto bad_offset; + default: + g_assert_not_reached(); } - s->cpuwait = value; break; case A_WICCTRL: - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl WICCTRL unimplemented\n"); - s->wicctrl = value; + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl WICCTRL unimplemented\n"); + s->wicctrl = value; + break; + case ARMSSE_SSE300: + /* In SSE300 this offset is CPUWAIT */ + cpuwait_write(s, value); + break; + default: + g_assert_not_reached(); + } break; case A_SECDBGSET: /* write-1-to-set */ @@ -283,94 +481,214 @@ static void iotkit_sysctl_write(void *opaque, hwaddr offset, } break; case A_SCSECCTRL: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl SCSECCTRL unimplemented\n"); + s->scsecctrl = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl SCSECCTRL unimplemented\n"); - s->scsecctrl = value; break; case A_FCLK_DIV: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl FCLK_DIV unimplemented\n"); + s->fclk_div = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl FCLK_DIV unimplemented\n"); - s->fclk_div = value; break; case A_SYSCLK_DIV: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl SYSCLK_DIV unimplemented\n"); + s->sysclk_div = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl SYSCLK_DIV unimplemented\n"); - s->sysclk_div = value; break; case A_CLOCK_FORCE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl CLOCK_FORCE unimplemented\n"); + s->clock_force = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl CLOCK_FORCE unimplemented\n"); - s->clock_force = value; break; case A_INITSVTOR1: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + s->initsvtor1 = value; + set_init_vtor(1, s->initsvtor1); + break; + case ARMSSE_SSE300: + goto bad_offset; + default: + g_assert_not_reached(); } - s->initsvtor1 = value; - set_init_vtor(1, s->initsvtor1); break; case A_EWCTRL: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl EWCTRL unimplemented\n"); + s->ewctrl = value; + break; + case ARMSSE_SSE300: + /* In SSE300 this offset is is NMI_ENABLE */ + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl NMI_ENABLE unimplemented\n"); + s->nmi_enable = value; + break; + default: + g_assert_not_reached(); + } + break; + case A_PWRCTRL: + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: + goto bad_offset; + case ARMSSE_SSE300: + if (!(s->pwrctrl & R_PWRCTRL_PPU_ACCESS_UNLOCK_MASK)) { + qemu_log_mask(LOG_GUEST_ERROR, + "IoTKit PWRCTRL write when register locked\n"); + break; + } + s->pwrctrl = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl EWCTRL unimplemented\n"); - s->ewctrl = value; break; case A_PDCM_PD_SYS_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: + goto bad_offset; + case ARMSSE_SSE200: + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_SYS_SENSE unimplemented\n"); + s->pdcm_pd_sys_sense = value; + break; + default: + g_assert_not_reached(); + } + break; + case A_PDCM_PD_CPU0_SENSE: + switch (s->sse_version) { + case ARMSSE_IOTKIT: + case ARMSSE_SSE200: goto bad_offset; + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_CPU0_SENSE unimplemented\n"); + s->pdcm_pd_cpu0_sense = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, - "IoTKit SysCtl PDCM_PD_SYS_SENSE unimplemented\n"); - s->pdcm_pd_sys_sense = value; break; case A_PDCM_PD_SRAM0_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: + goto bad_offset; + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_SRAM0_SENSE unimplemented\n"); + s->pdcm_pd_sram0_sense = value; + break; + case ARMSSE_SSE300: goto bad_offset; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, - "IoTKit SysCtl PDCM_PD_SRAM0_SENSE unimplemented\n"); - s->pdcm_pd_sram0_sense = value; break; case A_PDCM_PD_SRAM1_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: + goto bad_offset; + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_SRAM1_SENSE unimplemented\n"); + s->pdcm_pd_sram1_sense = value; + break; + case ARMSSE_SSE300: goto bad_offset; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, - "IoTKit SysCtl PDCM_PD_SRAM1_SENSE unimplemented\n"); - s->pdcm_pd_sram1_sense = value; break; case A_PDCM_PD_SRAM2_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_SRAM2_SENSE unimplemented\n"); + s->pdcm_pd_sram2_sense = value; + break; + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_VMR0_SENSE unimplemented\n"); + s->pdcm_pd_vmr0_sense = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, - "IoTKit SysCtl PDCM_PD_SRAM2_SENSE unimplemented\n"); - s->pdcm_pd_sram2_sense = value; break; case A_PDCM_PD_SRAM3_SENSE: - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto bad_offset; + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_SRAM3_SENSE unimplemented\n"); + s->pdcm_pd_sram3_sense = value; + break; + case ARMSSE_SSE300: + qemu_log_mask(LOG_UNIMP, + "IoTKit SysCtl PDCM_PD_VMR1_SENSE unimplemented\n"); + s->pdcm_pd_vmr1_sense = value; + break; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, - "IoTKit SysCtl PDCM_PD_SRAM3_SENSE unimplemented\n"); - s->pdcm_pd_sram3_sense = value; break; case A_NMI_ENABLE: /* In IoTKit this is BUSWAIT: reserved, R/O, zero */ - if (!s->is_sse200) { + switch (s->sse_version) { + case ARMSSE_IOTKIT: goto ro_offset; + case ARMSSE_SSE200: + qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl NMI_ENABLE unimplemented\n"); + s->nmi_enable = value; + break; + case ARMSSE_SSE300: + /* In SSE300 this is reserved (for INITSVTOR3) */ + goto bad_offset; + default: + g_assert_not_reached(); } - qemu_log_mask(LOG_UNIMP, "IoTKit SysCtl NMI_ENABLE unimplemented\n"); - s->nmi_enable = value; break; case A_SECDBGSTAT: case A_PID4 ... A_CID3: @@ -417,11 +735,15 @@ static void iotkit_sysctl_reset(DeviceState *dev) s->clock_force = 0; s->nmi_enable = 0; s->ewctrl = 0; + s->pwrctrl = 0x3; s->pdcm_pd_sys_sense = 0x7f; s->pdcm_pd_sram0_sense = 0; s->pdcm_pd_sram1_sense = 0; s->pdcm_pd_sram2_sense = 0; s->pdcm_pd_sram3_sense = 0; + s->pdcm_pd_cpu0_sense = 0; + s->pdcm_pd_vmr0_sense = 0; + s->pdcm_pd_vmr1_sense = 0; } static void iotkit_sysctl_init(Object *obj) @@ -438,17 +760,38 @@ static void iotkit_sysctl_realize(DeviceState *dev, Error **errp) { IoTKitSysCtl *s = IOTKIT_SYSCTL(dev); - /* The top 4 bits of the SYS_VERSION register tell us if we're an SSE-200 */ - if (extract32(s->sys_version, 28, 4) == 2) { - s->is_sse200 = true; + if (!armsse_version_valid(s->sse_version)) { + error_setg(errp, "invalid sse-version value %d", s->sse_version); + return; } } +static bool sse300_needed(void *opaque) +{ + IoTKitSysCtl *s = IOTKIT_SYSCTL(opaque); + + return s->sse_version == ARMSSE_SSE300; +} + +static const VMStateDescription iotkit_sysctl_sse300_vmstate = { + .name = "iotkit-sysctl/sse-300", + .version_id = 1, + .minimum_version_id = 1, + .needed = sse300_needed, + .fields = (VMStateField[]) { + VMSTATE_UINT32(pwrctrl, IoTKitSysCtl), + VMSTATE_UINT32(pdcm_pd_cpu0_sense, IoTKitSysCtl), + VMSTATE_UINT32(pdcm_pd_vmr0_sense, IoTKitSysCtl), + VMSTATE_UINT32(pdcm_pd_vmr1_sense, IoTKitSysCtl), + VMSTATE_END_OF_LIST() + } +}; + static bool sse200_needed(void *opaque) { IoTKitSysCtl *s = IOTKIT_SYSCTL(opaque); - return s->is_sse200; + return s->sse_version != ARMSSE_IOTKIT; } static const VMStateDescription iotkit_sysctl_sse200_vmstate = { @@ -488,12 +831,13 @@ static const VMStateDescription iotkit_sysctl_vmstate = { }, .subsections = (const VMStateDescription*[]) { &iotkit_sysctl_sse200_vmstate, + &iotkit_sysctl_sse300_vmstate, NULL } }; static Property iotkit_sysctl_props[] = { - DEFINE_PROP_UINT32("SYS_VERSION", IoTKitSysCtl, sys_version, 0), + DEFINE_PROP_UINT32("sse-version", IoTKitSysCtl, sse_version, 0), DEFINE_PROP_UINT32("CPUWAIT_RST", IoTKitSysCtl, cpuwait_rst, 0), DEFINE_PROP_UINT32("INITSVTOR0_RST", IoTKitSysCtl, initsvtor0_rst, 0x10000000), diff --git a/hw/misc/iotkit-sysinfo.c b/hw/misc/iotkit-sysinfo.c index 52e70053df..aaa9305b2e 100644 --- a/hw/misc/iotkit-sysinfo.c +++ b/hw/misc/iotkit-sysinfo.c @@ -26,9 +26,12 @@ #include "hw/registerfields.h" #include "hw/misc/iotkit-sysinfo.h" #include "hw/qdev-properties.h" +#include "hw/arm/armsse-version.h" REG32(SYS_VERSION, 0x0) REG32(SYS_CONFIG, 0x4) +REG32(SYS_CONFIG1, 0x8) +REG32(IIDR, 0xfc8) REG32(PID4, 0xfd0) REG32(PID5, 0xfd4) REG32(PID6, 0xfd8) @@ -49,6 +52,12 @@ static const int sysinfo_id[] = { 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ }; +static const int sysinfo_sse300_id[] = { + 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ + 0x58, 0xb8, 0x1b, 0x00, /* PID0..PID3 */ + 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ +}; + static uint64_t iotkit_sysinfo_read(void *opaque, hwaddr offset, unsigned size) { @@ -63,10 +72,36 @@ static uint64_t iotkit_sysinfo_read(void *opaque, hwaddr offset, case A_SYS_CONFIG: r = s->sys_config; break; + case A_SYS_CONFIG1: + switch (s->sse_version) { + case ARMSSE_SSE300: + return 0; + break; + default: + goto bad_read; + } + break; + case A_IIDR: + switch (s->sse_version) { + case ARMSSE_SSE300: + return s->iidr; + break; + default: + goto bad_read; + } + break; case A_PID4 ... A_CID3: - r = sysinfo_id[(offset - A_PID4) / 4]; + switch (s->sse_version) { + case ARMSSE_SSE300: + r = sysinfo_sse300_id[(offset - A_PID4) / 4]; + break; + default: + r = sysinfo_id[(offset - A_PID4) / 4]; + break; + } break; default: + bad_read: qemu_log_mask(LOG_GUEST_ERROR, "IoTKit SysInfo read: bad offset %x\n", (int)offset); r = 0; @@ -99,6 +134,8 @@ static const MemoryRegionOps iotkit_sysinfo_ops = { static Property iotkit_sysinfo_props[] = { DEFINE_PROP_UINT32("SYS_VERSION", IoTKitSysInfo, sys_version, 0), DEFINE_PROP_UINT32("SYS_CONFIG", IoTKitSysInfo, sys_config, 0), + DEFINE_PROP_UINT32("sse-version", IoTKitSysInfo, sse_version, 0), + DEFINE_PROP_UINT32("IIDR", IoTKitSysInfo, iidr, 0), DEFINE_PROP_END_OF_LIST() }; @@ -112,6 +149,16 @@ static void iotkit_sysinfo_init(Object *obj) sysbus_init_mmio(sbd, &s->iomem); } +static void iotkit_sysinfo_realize(DeviceState *dev, Error **errp) +{ + IoTKitSysInfo *s = IOTKIT_SYSINFO(dev); + + if (!armsse_version_valid(s->sse_version)) { + error_setg(errp, "invalid sse-version value %d", s->sse_version); + return; + } +} + static void iotkit_sysinfo_class_init(ObjectClass *klass, void *data) { DeviceClass *dc = DEVICE_CLASS(klass); @@ -120,7 +167,7 @@ static void iotkit_sysinfo_class_init(ObjectClass *klass, void *data) * This device has no guest-modifiable state and so it * does not need a reset function or VMState. */ - + dc->realize = iotkit_sysinfo_realize; device_class_set_props(dc, iotkit_sysinfo_props); } diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c index 603e992a7f..a1fa4878be 100644 --- a/hw/misc/ivshmem.c +++ b/hw/misc/ivshmem.c @@ -35,7 +35,6 @@ #include "qom/object_interfaces.h" #include "chardev/char-fe.h" #include "sysemu/hostmem.h" -#include "sysemu/qtest.h" #include "qapi/visitor.h" #include "hw/misc/ivshmem.h" diff --git a/hw/misc/meson.build b/hw/misc/meson.build index e3263383cd..00356cf12e 100644 --- a/hw/misc/meson.build +++ b/hw/misc/meson.build @@ -96,6 +96,7 @@ softmmu_ss.add(when: 'CONFIG_TZ_MSC', if_true: files('tz-msc.c')) softmmu_ss.add(when: 'CONFIG_TZ_PPC', if_true: files('tz-ppc.c')) softmmu_ss.add(when: 'CONFIG_IOTKIT_SECCTL', if_true: files('iotkit-secctl.c')) softmmu_ss.add(when: 'CONFIG_IOTKIT_SYSINFO', if_true: files('iotkit-sysinfo.c')) +softmmu_ss.add(when: 'CONFIG_ARMSSE_CPU_PWRCTRL', if_true: files('armsse-cpu-pwrctrl.c')) softmmu_ss.add(when: 'CONFIG_ARMSSE_CPUID', if_true: files('armsse-cpuid.c')) softmmu_ss.add(when: 'CONFIG_ARMSSE_MHU', if_true: files('armsse-mhu.c')) diff --git a/hw/misc/mps2-fpgaio.c b/hw/misc/mps2-fpgaio.c index f3db88ddcc..07b8cbdad2 100644 --- a/hw/misc/mps2-fpgaio.c +++ b/hw/misc/mps2-fpgaio.c @@ -29,6 +29,7 @@ #include "qemu/timer.h" REG32(LED0, 0) +REG32(DBGCTRL, 4) REG32(BUTTON, 8) REG32(CLK1HZ, 0x10) REG32(CLK100HZ, 0x14) @@ -129,6 +130,12 @@ static uint64_t mps2_fpgaio_read(void *opaque, hwaddr offset, unsigned size) case A_LED0: r = s->led0; break; + case A_DBGCTRL: + if (!s->has_dbgctrl) { + goto bad_offset; + } + r = s->dbgctrl; + break; case A_BUTTON: /* User-pressable board buttons. We don't model that, so just return * zeroes. @@ -195,6 +202,14 @@ static void mps2_fpgaio_write(void *opaque, hwaddr offset, uint64_t value, } } break; + case A_DBGCTRL: + if (!s->has_dbgctrl) { + goto bad_offset; + } + qemu_log_mask(LOG_UNIMP, + "MPS2 FPGAIO: DBGCTRL unimplemented\n"); + s->dbgctrl = value; + break; case A_PRESCALE: resync_counter(s); s->prescale = value; @@ -225,6 +240,7 @@ static void mps2_fpgaio_write(void *opaque, hwaddr offset, uint64_t value, s->pscntr = value; break; default: + bad_offset: qemu_log_mask(LOG_GUEST_ERROR, "MPS2 FPGAIO write: bad offset 0x%x\n", (int) offset); break; @@ -285,41 +301,22 @@ static void mps2_fpgaio_realize(DeviceState *dev, Error **errp) } } -static bool mps2_fpgaio_counters_needed(void *opaque) -{ - /* Currently vmstate.c insists all subsections have a 'needed' function */ - return true; -} - -static const VMStateDescription mps2_fpgaio_counters_vmstate = { - .name = "mps2-fpgaio/counters", - .version_id = 2, - .minimum_version_id = 2, - .needed = mps2_fpgaio_counters_needed, - .fields = (VMStateField[]) { - VMSTATE_INT64(clk1hz_tick_offset, MPS2FPGAIO), - VMSTATE_INT64(clk100hz_tick_offset, MPS2FPGAIO), - VMSTATE_UINT32(counter, MPS2FPGAIO), - VMSTATE_UINT32(pscntr, MPS2FPGAIO), - VMSTATE_INT64(pscntr_sync_ticks, MPS2FPGAIO), - VMSTATE_END_OF_LIST() - } -}; - static const VMStateDescription mps2_fpgaio_vmstate = { .name = "mps2-fpgaio", - .version_id = 1, - .minimum_version_id = 1, + .version_id = 3, + .minimum_version_id = 3, .fields = (VMStateField[]) { VMSTATE_UINT32(led0, MPS2FPGAIO), VMSTATE_UINT32(prescale, MPS2FPGAIO), VMSTATE_UINT32(misc, MPS2FPGAIO), + VMSTATE_UINT32(dbgctrl, MPS2FPGAIO), + VMSTATE_INT64(clk1hz_tick_offset, MPS2FPGAIO), + VMSTATE_INT64(clk100hz_tick_offset, MPS2FPGAIO), + VMSTATE_UINT32(counter, MPS2FPGAIO), + VMSTATE_UINT32(pscntr, MPS2FPGAIO), + VMSTATE_INT64(pscntr_sync_ticks, MPS2FPGAIO), VMSTATE_END_OF_LIST() }, - .subsections = (const VMStateDescription*[]) { - &mps2_fpgaio_counters_vmstate, - NULL - } }; static Property mps2_fpgaio_properties[] = { @@ -328,6 +325,7 @@ static Property mps2_fpgaio_properties[] = { /* Number of LEDs controlled by LED0 register */ DEFINE_PROP_UINT32("num-leds", MPS2FPGAIO, num_leds, 2), DEFINE_PROP_BOOL("has-switches", MPS2FPGAIO, has_switches, false), + DEFINE_PROP_BOOL("has-dbgctrl", MPS2FPGAIO, has_dbgctrl, false), DEFINE_PROP_END_OF_LIST(), }; diff --git a/hw/misc/mps2-scc.c b/hw/misc/mps2-scc.c index 140a4b9ceb..c56aca86ad 100644 --- a/hw/misc/mps2-scc.c +++ b/hw/misc/mps2-scc.c @@ -110,14 +110,14 @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size) r = s->cfg1; break; case A_CFG2: - if (scc_partno(s) != 0x524) { + if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) { /* CFG2 reserved on other boards */ goto bad_offset; } r = s->cfg2; break; case A_CFG3: - if (scc_partno(s) == 0x524) { + if (scc_partno(s) == 0x524 && scc_partno(s) == 0x547) { /* CFG3 reserved on AN524 */ goto bad_offset; } @@ -130,7 +130,7 @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size) r = s->cfg4; break; case A_CFG5: - if (scc_partno(s) != 0x524) { + if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) { /* CFG5 reserved on other boards */ goto bad_offset; } @@ -185,7 +185,10 @@ static void mps2_scc_write(void *opaque, hwaddr offset, uint64_t value, switch (offset) { case A_CFG0: - /* TODO on some boards bit 0 controls RAM remapping */ + /* + * TODO on some boards bit 0 controls RAM remapping; + * on others bit 1 is CPU_WAIT. + */ s->cfg0 = value; break; case A_CFG1: @@ -195,7 +198,7 @@ static void mps2_scc_write(void *opaque, hwaddr offset, uint64_t value, } break; case A_CFG2: - if (scc_partno(s) != 0x524) { + if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) { /* CFG2 reserved on other boards */ goto bad_offset; } @@ -203,7 +206,7 @@ static void mps2_scc_write(void *opaque, hwaddr offset, uint64_t value, s->cfg2 = value; break; case A_CFG5: - if (scc_partno(s) != 0x524) { + if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) { /* CFG5 reserved on other boards */ goto bad_offset; } diff --git a/hw/misc/npcm7xx_clk.c b/hw/misc/npcm7xx_clk.c index 0bcae9ce95..a1ee67dc9a 100644 --- a/hw/misc/npcm7xx_clk.c +++ b/hw/misc/npcm7xx_clk.c @@ -586,15 +586,26 @@ static const DividerInitInfo divider_init_info_list[] = { }, }; +static void npcm7xx_clk_update_pll_cb(void *opaque, ClockEvent event) +{ + npcm7xx_clk_update_pll(opaque); +} + static void npcm7xx_clk_pll_init(Object *obj) { NPCM7xxClockPLLState *pll = NPCM7XX_CLOCK_PLL(obj); pll->clock_in = qdev_init_clock_in(DEVICE(pll), "clock-in", - npcm7xx_clk_update_pll, pll); + npcm7xx_clk_update_pll_cb, pll, + ClockUpdate); pll->clock_out = qdev_init_clock_out(DEVICE(pll), "clock-out"); } +static void npcm7xx_clk_update_sel_cb(void *opaque, ClockEvent event) +{ + npcm7xx_clk_update_sel(opaque); +} + static void npcm7xx_clk_sel_init(Object *obj) { int i; @@ -603,16 +614,23 @@ static void npcm7xx_clk_sel_init(Object *obj) for (i = 0; i < NPCM7XX_CLK_SEL_MAX_INPUT; ++i) { sel->clock_in[i] = qdev_init_clock_in(DEVICE(sel), g_strdup_printf("clock-in[%d]", i), - npcm7xx_clk_update_sel, sel); + npcm7xx_clk_update_sel_cb, sel, ClockUpdate); } sel->clock_out = qdev_init_clock_out(DEVICE(sel), "clock-out"); } + +static void npcm7xx_clk_update_divider_cb(void *opaque, ClockEvent event) +{ + npcm7xx_clk_update_divider(opaque); +} + static void npcm7xx_clk_divider_init(Object *obj) { NPCM7xxClockDividerState *div = NPCM7XX_CLOCK_DIVIDER(obj); div->clock_in = qdev_init_clock_in(DEVICE(div), "clock-in", - npcm7xx_clk_update_divider, div); + npcm7xx_clk_update_divider_cb, + div, ClockUpdate); div->clock_out = qdev_init_clock_out(DEVICE(div), "clock-out"); } @@ -875,7 +893,7 @@ static void npcm7xx_clk_init_clock_hierarchy(NPCM7xxCLKState *s) { int i; - s->clkref = qdev_init_clock_in(DEVICE(s), "clkref", NULL, NULL); + s->clkref = qdev_init_clock_in(DEVICE(s), "clkref", NULL, NULL, 0); /* First pass: init all converter modules */ QEMU_BUILD_BUG_ON(ARRAY_SIZE(pll_init_info_list) != NPCM7XX_CLOCK_NR_PLLS); diff --git a/hw/misc/npcm7xx_pwm.c b/hw/misc/npcm7xx_pwm.c index dabcb6c0f9..ce192bb274 100644 --- a/hw/misc/npcm7xx_pwm.c +++ b/hw/misc/npcm7xx_pwm.c @@ -493,7 +493,7 @@ static void npcm7xx_pwm_init(Object *obj) memory_region_init_io(&s->iomem, obj, &npcm7xx_pwm_ops, s, TYPE_NPCM7XX_PWM, 4 * KiB); sysbus_init_mmio(sbd, &s->iomem); - s->clock = qdev_init_clock_in(DEVICE(s), "clock", NULL, NULL); + s->clock = qdev_init_clock_in(DEVICE(s), "clock", NULL, NULL, 0); for (i = 0; i < NPCM7XX_PWM_PER_MODULE; ++i) { object_property_add_uint32_ptr(obj, "freq[*]", diff --git a/hw/misc/trace-events b/hw/misc/trace-events index d626b9d7a7..4b15db8ca4 100644 --- a/hw/misc/trace-events +++ b/hw/misc/trace-events @@ -186,6 +186,10 @@ iotkit_sysctl_read(uint64_t offset, uint64_t data, unsigned size) "IoTKit SysCtl iotkit_sysctl_write(uint64_t offset, uint64_t data, unsigned size) "IoTKit SysCtl write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" iotkit_sysctl_reset(void) "IoTKit SysCtl: reset" +# armsse-cpu-pwrctrl.c +armsse_cpu_pwrctrl_read(uint64_t offset, uint64_t data, unsigned size) "SSE-300 CPU_PWRCTRL read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +armsse_cpu_pwrctrl_write(uint64_t offset, uint64_t data, unsigned size) "SSE-300 CPU_PWRCTRL write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" + # armsse-cpuid.c armsse_cpuid_read(uint64_t offset, uint64_t data, unsigned size) "SSE-200 CPU_IDENTITY read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" armsse_cpuid_write(uint64_t offset, uint64_t data, unsigned size) "SSE-200 CPU_IDENTITY write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" diff --git a/hw/misc/zynq_slcr.c b/hw/misc/zynq_slcr.c index 66504a9d3a..c66d7db177 100644 --- a/hw/misc/zynq_slcr.c +++ b/hw/misc/zynq_slcr.c @@ -307,9 +307,10 @@ static void zynq_slcr_propagate_clocks(ZynqSLCRState *s) clock_propagate(s->uart1_ref_clk); } -static void zynq_slcr_ps_clk_callback(void *opaque) +static void zynq_slcr_ps_clk_callback(void *opaque, ClockEvent event) { ZynqSLCRState *s = (ZynqSLCRState *) opaque; + zynq_slcr_compute_clocks(s); zynq_slcr_propagate_clocks(s); } @@ -576,7 +577,7 @@ static const MemoryRegionOps slcr_ops = { }; static const ClockPortInitArray zynq_slcr_clocks = { - QDEV_CLOCK_IN(ZynqSLCRState, ps_clk, zynq_slcr_ps_clk_callback), + QDEV_CLOCK_IN(ZynqSLCRState, ps_clk, zynq_slcr_ps_clk_callback, ClockUpdate), QDEV_CLOCK_OUT(ZynqSLCRState, uart0_ref_clk), QDEV_CLOCK_OUT(ZynqSLCRState, uart1_ref_clk), QDEV_CLOCK_END diff --git a/hw/ppc/ppc440_bamboo.c b/hw/ppc/ppc440_bamboo.c index b156bcb999..b7539aa721 100644 --- a/hw/ppc/ppc440_bamboo.c +++ b/hw/ppc/ppc440_bamboo.c @@ -30,7 +30,6 @@ #include "hw/ppc/ppc.h" #include "ppc405.h" #include "sysemu/sysemu.h" -#include "sysemu/qtest.h" #include "sysemu/reset.h" #include "hw/sysbus.h" #include "hw/intc/ppc-uic.h" diff --git a/hw/ppc/prep.c b/hw/ppc/prep.c index 7e72f6e4a9..f1b1efdcef 100644 --- a/hw/ppc/prep.c +++ b/hw/ppc/prep.c @@ -45,7 +45,6 @@ #include "hw/qdev-properties.h" #include "sysemu/arch_init.h" #include "sysemu/kvm.h" -#include "sysemu/qtest.h" #include "sysemu/reset.h" #include "exec/address-spaces.h" #include "trace.h" diff --git a/hw/ppc/sam460ex.c b/hw/ppc/sam460ex.c index e459b43065..0c6baf77e8 100644 --- a/hw/ppc/sam460ex.c +++ b/hw/ppc/sam460ex.c @@ -30,7 +30,6 @@ #include "ppc405.h" #include "hw/block/flash.h" #include "sysemu/sysemu.h" -#include "sysemu/qtest.h" #include "sysemu/reset.h" #include "hw/sysbus.h" #include "hw/char/serial.h" diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c index 9341e9782a..9ea7ddd1e9 100644 --- a/hw/ppc/spapr_caps.c +++ b/hw/ppc/spapr_caps.c @@ -33,7 +33,6 @@ #include "cpu-models.h" #include "kvm_ppc.h" #include "migration/vmstate.h" -#include "sysemu/qtest.h" #include "sysemu/tcg.h" #include "hw/ppc/spapr.h" diff --git a/hw/ppc/spapr_pci_vfio.c b/hw/ppc/spapr_pci_vfio.c index ecb34aaade..e0547b1740 100644 --- a/hw/ppc/spapr_pci_vfio.c +++ b/hw/ppc/spapr_pci_vfio.c @@ -25,7 +25,6 @@ #include "hw/pci/msix.h" #include "hw/vfio/vfio.h" #include "qemu/error-report.h" -#include "sysemu/qtest.h" bool spapr_phb_eeh_available(SpaprPhbState *sphb) { diff --git a/hw/ppc/spapr_vio.c b/hw/ppc/spapr_vio.c index 3cc9421526..ef06e0362c 100644 --- a/hw/ppc/spapr_vio.c +++ b/hw/ppc/spapr_vio.c @@ -31,7 +31,6 @@ #include "sysemu/device_tree.h" #include "kvm_ppc.h" #include "migration/vmstate.h" -#include "sysemu/qtest.h" #include "hw/ppc/spapr.h" #include "hw/ppc/spapr_vio.h" diff --git a/hw/ppc/virtex_ml507.c b/hw/ppc/virtex_ml507.c index b26ff17767..cb421570da 100644 --- a/hw/ppc/virtex_ml507.c +++ b/hw/ppc/virtex_ml507.c @@ -31,7 +31,6 @@ #include "hw/char/serial.h" #include "hw/block/flash.h" #include "sysemu/sysemu.h" -#include "sysemu/qtest.h" #include "sysemu/reset.h" #include "hw/boards.h" #include "sysemu/device_tree.h" diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c index ed4ca9808e..ec7cb2f707 100644 --- a/hw/riscv/spike.c +++ b/hw/riscv/spike.c @@ -40,7 +40,6 @@ #include "chardev/char.h" #include "sysemu/arch_init.h" #include "sysemu/device_tree.h" -#include "sysemu/qtest.h" #include "sysemu/sysemu.h" static const MemMapEntry spike_memmap[] = { diff --git a/hw/rx/rx62n.c b/hw/rx/rx62n.c index 17ec73fc7b..9c34ce14de 100644 --- a/hw/rx/rx62n.c +++ b/hw/rx/rx62n.c @@ -29,7 +29,6 @@ #include "hw/sysbus.h" #include "hw/qdev-properties.h" #include "sysemu/sysemu.h" -#include "sysemu/qtest.h" #include "cpu.h" #include "qom/object.h" diff --git a/hw/scsi/esp-pci.c b/hw/scsi/esp-pci.c index 4d7c2cab56..c3d3dab05e 100644 --- a/hw/scsi/esp-pci.c +++ b/hw/scsi/esp-pci.c @@ -79,8 +79,10 @@ struct PCIESPState { static void esp_pci_handle_idle(PCIESPState *pci, uint32_t val) { + ESPState *s = ESP(&pci->esp); + trace_esp_pci_dma_idle(val); - esp_dma_enable(&pci->esp, 0, 0); + esp_dma_enable(s, 0, 0); } static void esp_pci_handle_blast(PCIESPState *pci, uint32_t val) @@ -91,14 +93,18 @@ static void esp_pci_handle_blast(PCIESPState *pci, uint32_t val) static void esp_pci_handle_abort(PCIESPState *pci, uint32_t val) { + ESPState *s = ESP(&pci->esp); + trace_esp_pci_dma_abort(val); - if (pci->esp.current_req) { - scsi_req_cancel(pci->esp.current_req); + if (s->current_req) { + scsi_req_cancel(s->current_req); } } static void esp_pci_handle_start(PCIESPState *pci, uint32_t val) { + ESPState *s = ESP(&pci->esp); + trace_esp_pci_dma_start(val); pci->dma_regs[DMA_WBC] = pci->dma_regs[DMA_STC]; @@ -109,7 +115,7 @@ static void esp_pci_handle_start(PCIESPState *pci, uint32_t val) | DMA_STAT_DONE | DMA_STAT_ABORT | DMA_STAT_ERROR | DMA_STAT_PWDN); - esp_dma_enable(&pci->esp, 0, 1); + esp_dma_enable(s, 0, 1); } static void esp_pci_dma_write(PCIESPState *pci, uint32_t saddr, uint32_t val) @@ -155,11 +161,12 @@ static void esp_pci_dma_write(PCIESPState *pci, uint32_t saddr, uint32_t val) static uint32_t esp_pci_dma_read(PCIESPState *pci, uint32_t saddr) { + ESPState *s = ESP(&pci->esp); uint32_t val; val = pci->dma_regs[saddr]; if (saddr == DMA_STAT) { - if (pci->esp.rregs[ESP_RSTAT] & STAT_INT) { + if (s->rregs[ESP_RSTAT] & STAT_INT) { val |= DMA_STAT_SCSIINT; } if (!(pci->sbac & SBAC_STATUS)) { @@ -176,6 +183,7 @@ static void esp_pci_io_write(void *opaque, hwaddr addr, uint64_t val, unsigned int size) { PCIESPState *pci = opaque; + ESPState *s = ESP(&pci->esp); if (size < 4 || addr & 3) { /* need to upgrade request: we only support 4-bytes accesses */ @@ -183,7 +191,7 @@ static void esp_pci_io_write(void *opaque, hwaddr addr, int shift; if (addr < 0x40) { - current = pci->esp.wregs[addr >> 2]; + current = s->wregs[addr >> 2]; } else if (addr < 0x60) { current = pci->dma_regs[(addr - 0x40) >> 2]; } else if (addr < 0x74) { @@ -203,7 +211,7 @@ static void esp_pci_io_write(void *opaque, hwaddr addr, if (addr < 0x40) { /* SCSI core reg */ - esp_reg_write(&pci->esp, addr >> 2, val); + esp_reg_write(s, addr >> 2, val); } else if (addr < 0x60) { /* PCI DMA CCB */ esp_pci_dma_write(pci, (addr - 0x40) >> 2, val); @@ -220,11 +228,12 @@ static uint64_t esp_pci_io_read(void *opaque, hwaddr addr, unsigned int size) { PCIESPState *pci = opaque; + ESPState *s = ESP(&pci->esp); uint32_t ret; if (addr < 0x40) { /* SCSI core reg */ - ret = esp_reg_read(&pci->esp, addr >> 2); + ret = esp_reg_read(s, addr >> 2); } else if (addr < 0x60) { /* PCI DMA CCB */ ret = esp_pci_dma_read(pci, (addr - 0x40) >> 2); @@ -306,7 +315,9 @@ static const MemoryRegionOps esp_pci_io_ops = { static void esp_pci_hard_reset(DeviceState *dev) { PCIESPState *pci = PCI_ESP(dev); - esp_hard_reset(&pci->esp); + ESPState *s = ESP(&pci->esp); + + esp_hard_reset(s); pci->dma_regs[DMA_CMD] &= ~(DMA_CMD_DIR | DMA_CMD_INTE_D | DMA_CMD_INTE_P | DMA_CMD_MDL | DMA_CMD_DIAG | DMA_CMD_MASK); pci->dma_regs[DMA_WBC] &= ~0xffff; @@ -319,11 +330,12 @@ static void esp_pci_hard_reset(DeviceState *dev) static const VMStateDescription vmstate_esp_pci_scsi = { .name = "pciespscsi", - .version_id = 1, + .version_id = 2, .minimum_version_id = 1, .fields = (VMStateField[]) { VMSTATE_PCI_DEVICE(parent_obj, PCIESPState), VMSTATE_BUFFER_UNSAFE(dma_regs, PCIESPState, 0, 8 * sizeof(uint32_t)), + VMSTATE_UINT8_V(esp.mig_version_id, PCIESPState, 2), VMSTATE_STRUCT(esp, PCIESPState, 0, vmstate_esp, ESPState), VMSTATE_END_OF_LIST() } @@ -353,9 +365,13 @@ static void esp_pci_scsi_realize(PCIDevice *dev, Error **errp) { PCIESPState *pci = PCI_ESP(dev); DeviceState *d = DEVICE(dev); - ESPState *s = &pci->esp; + ESPState *s = ESP(&pci->esp); uint8_t *pci_conf; + if (!qdev_realize(DEVICE(s), NULL, errp)) { + return; + } + pci_conf = dev->config; /* Interrupt pin A */ @@ -374,11 +390,19 @@ static void esp_pci_scsi_realize(PCIDevice *dev, Error **errp) scsi_bus_new(&s->bus, sizeof(s->bus), d, &esp_pci_scsi_info, NULL); } -static void esp_pci_scsi_uninit(PCIDevice *d) +static void esp_pci_scsi_exit(PCIDevice *d) { PCIESPState *pci = PCI_ESP(d); + ESPState *s = ESP(&pci->esp); + + qemu_free_irq(s->irq); +} + +static void esp_pci_init(Object *obj) +{ + PCIESPState *pci = PCI_ESP(obj); - qemu_free_irq(pci->esp.irq); + object_initialize_child(obj, "esp", &pci->esp, TYPE_ESP); } static void esp_pci_class_init(ObjectClass *klass, void *data) @@ -387,7 +411,7 @@ static void esp_pci_class_init(ObjectClass *klass, void *data) PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); k->realize = esp_pci_scsi_realize; - k->exit = esp_pci_scsi_uninit; + k->exit = esp_pci_scsi_exit; k->vendor_id = PCI_VENDOR_ID_AMD; k->device_id = PCI_DEVICE_ID_AMD_SCSI; k->revision = 0x10; @@ -401,6 +425,7 @@ static void esp_pci_class_init(ObjectClass *klass, void *data) static const TypeInfo esp_pci_info = { .name = TYPE_AM53C974_DEVICE, .parent = TYPE_PCI_DEVICE, + .instance_init = esp_pci_init, .instance_size = sizeof(PCIESPState), .class_init = esp_pci_class_init, .interfaces = (InterfaceInfo[]) { diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c index 93d9c9c7b9..507ab363bc 100644 --- a/hw/scsi/esp.c +++ b/hw/scsi/esp.c @@ -63,11 +63,13 @@ static void esp_lower_irq(ESPState *s) static void esp_raise_drq(ESPState *s) { qemu_irq_raise(s->irq_data); + trace_esp_raise_drq(); } static void esp_lower_drq(ESPState *s) { qemu_irq_lower(s->irq_data); + trace_esp_lower_drq(); } void esp_dma_enable(ESPState *s, int irq, int level) @@ -96,39 +98,112 @@ void esp_request_cancelled(SCSIRequest *req) } } -static void set_pdma(ESPState *s, enum pdma_origin_id origin, - uint32_t index, uint32_t len) +static void esp_fifo_push(ESPState *s, uint8_t val) { - s->pdma_origin = origin; - s->pdma_start = index; - s->pdma_cur = index; - s->pdma_len = len; + if (fifo8_num_used(&s->fifo) == ESP_FIFO_SZ) { + trace_esp_error_fifo_overrun(); + return; + } + + fifo8_push(&s->fifo, val); +} + +static uint8_t esp_fifo_pop(ESPState *s) +{ + if (fifo8_is_empty(&s->fifo)) { + return 0; + } + + return fifo8_pop(&s->fifo); +} + +static void esp_cmdfifo_push(ESPState *s, uint8_t val) +{ + if (fifo8_num_used(&s->cmdfifo) == ESP_CMDFIFO_SZ) { + trace_esp_error_fifo_overrun(); + return; + } + + fifo8_push(&s->cmdfifo, val); +} + +static uint8_t esp_cmdfifo_pop(ESPState *s) +{ + if (fifo8_is_empty(&s->cmdfifo)) { + return 0; + } + + return fifo8_pop(&s->cmdfifo); +} + +static uint32_t esp_get_tc(ESPState *s) +{ + uint32_t dmalen; + + dmalen = s->rregs[ESP_TCLO]; + dmalen |= s->rregs[ESP_TCMID] << 8; + dmalen |= s->rregs[ESP_TCHI] << 16; + + return dmalen; +} + +static void esp_set_tc(ESPState *s, uint32_t dmalen) +{ + s->rregs[ESP_TCLO] = dmalen; + s->rregs[ESP_TCMID] = dmalen >> 8; + s->rregs[ESP_TCHI] = dmalen >> 16; +} + +static uint32_t esp_get_stc(ESPState *s) +{ + uint32_t dmalen; + + dmalen = s->wregs[ESP_TCLO]; + dmalen |= s->wregs[ESP_TCMID] << 8; + dmalen |= s->wregs[ESP_TCHI] << 16; + + return dmalen; +} + +static uint8_t esp_pdma_read(ESPState *s) +{ + uint8_t val; + + if (s->do_cmd) { + val = esp_cmdfifo_pop(s); + } else { + val = esp_fifo_pop(s); + } + + return val; } -static uint8_t *get_pdma_buf(ESPState *s) +static void esp_pdma_write(ESPState *s, uint8_t val) { - switch (s->pdma_origin) { - case PDMA: - return s->pdma_buf; - case TI: - return s->ti_buf; - case CMD: - return s->cmdbuf; - case ASYNC: - return s->async_buf; + uint32_t dmalen = esp_get_tc(s); + + if (dmalen == 0) { + return; + } + + if (s->do_cmd) { + esp_cmdfifo_push(s, val); + } else { + esp_fifo_push(s, val); } - return NULL; + + dmalen--; + esp_set_tc(s, dmalen); } -static int get_cmd_cb(ESPState *s) +static int esp_select(ESPState *s) { int target; target = s->wregs[ESP_WBUSID] & BUSID_DID; s->ti_size = 0; - s->ti_rptr = 0; - s->ti_wptr = 0; + fifo8_reset(&s->fifo); if (s->current_req) { /* Started a new command before the old one finished. Cancel it. */ @@ -140,148 +215,195 @@ static int get_cmd_cb(ESPState *s) if (!s->current_dev) { /* No such drive */ s->rregs[ESP_RSTAT] = 0; - s->rregs[ESP_RINTR] = INTR_DC; + s->rregs[ESP_RINTR] |= INTR_DC; s->rregs[ESP_RSEQ] = SEQ_0; esp_raise_irq(s); return -1; } + + /* + * Note that we deliberately don't raise the IRQ here: this will be done + * either in do_busid_cmd() for DATA OUT transfers or by the deferred + * IRQ mechanism in esp_transfer_data() for DATA IN transfers + */ + s->rregs[ESP_RINTR] |= INTR_FC; + s->rregs[ESP_RSEQ] = SEQ_CD; return 0; } -static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen) +static uint32_t get_cmd(ESPState *s, uint32_t maxlen) { - uint32_t dmalen; + uint8_t buf[ESP_CMDFIFO_SZ]; + uint32_t dmalen, n; int target; target = s->wregs[ESP_WBUSID] & BUSID_DID; if (s->dma) { - dmalen = s->rregs[ESP_TCLO]; - dmalen |= s->rregs[ESP_TCMID] << 8; - dmalen |= s->rregs[ESP_TCHI] << 16; - if (dmalen > buflen) { + dmalen = MIN(esp_get_tc(s), maxlen); + if (dmalen == 0) { return 0; } if (s->dma_memory_read) { s->dma_memory_read(s->dma_opaque, buf, dmalen); + fifo8_push_all(&s->cmdfifo, buf, dmalen); } else { - memcpy(s->pdma_buf, buf, dmalen); - set_pdma(s, PDMA, 0, dmalen); + if (esp_select(s) < 0) { + fifo8_reset(&s->cmdfifo); + return -1; + } esp_raise_drq(s); + fifo8_reset(&s->cmdfifo); return 0; } } else { - dmalen = s->ti_size; - if (dmalen > TI_BUFSZ) { + dmalen = MIN(fifo8_num_used(&s->fifo), maxlen); + if (dmalen == 0) { return 0; } - memcpy(buf, s->ti_buf, dmalen); - buf[0] = buf[2] >> 5; + memcpy(buf, fifo8_pop_buf(&s->fifo, dmalen, &n), dmalen); + if (dmalen >= 3) { + buf[0] = buf[2] >> 5; + } + fifo8_push_all(&s->cmdfifo, buf, dmalen); } trace_esp_get_cmd(dmalen, target); - if (get_cmd_cb(s) < 0) { - return 0; + if (esp_select(s) < 0) { + fifo8_reset(&s->cmdfifo); + return -1; } return dmalen; } -static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid) +static void do_busid_cmd(ESPState *s, uint8_t busid) { + uint32_t n, cmdlen; int32_t datalen; int lun; SCSIDevice *current_lun; + uint8_t *buf; trace_esp_do_busid_cmd(busid); lun = busid & 7; + cmdlen = fifo8_num_used(&s->cmdfifo); + buf = (uint8_t *)fifo8_pop_buf(&s->cmdfifo, cmdlen, &n); + current_lun = scsi_device_find(&s->bus, 0, s->current_dev->id, lun); s->current_req = scsi_req_new(current_lun, 0, lun, buf, s); datalen = scsi_req_enqueue(s->current_req); s->ti_size = datalen; + fifo8_reset(&s->cmdfifo); if (datalen != 0) { s->rregs[ESP_RSTAT] = STAT_TC; - s->dma_left = 0; - s->dma_counter = 0; + s->rregs[ESP_RSEQ] = SEQ_CD; + s->ti_cmd = 0; + esp_set_tc(s, 0); if (datalen > 0) { + /* + * Switch to DATA IN phase but wait until initial data xfer is + * complete before raising the command completion interrupt + */ + s->data_in_ready = false; s->rregs[ESP_RSTAT] |= STAT_DI; } else { s->rregs[ESP_RSTAT] |= STAT_DO; + s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC; + esp_raise_irq(s); + esp_lower_drq(s); } scsi_req_continue(s->current_req); + return; } - s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; - s->rregs[ESP_RSEQ] = SEQ_CD; - esp_raise_irq(s); } -static void do_cmd(ESPState *s, uint8_t *buf) +static void do_cmd(ESPState *s) { - uint8_t busid = buf[0]; + uint8_t busid = fifo8_pop(&s->cmdfifo); + uint32_t n; + + s->cmdfifo_cdb_offset--; + + /* Ignore extended messages for now */ + if (s->cmdfifo_cdb_offset) { + fifo8_pop_buf(&s->cmdfifo, s->cmdfifo_cdb_offset, &n); + s->cmdfifo_cdb_offset = 0; + } - do_busid_cmd(s, &buf[1], busid); + do_busid_cmd(s, busid); } static void satn_pdma_cb(ESPState *s) { - if (get_cmd_cb(s) < 0) { - return; - } - if (s->pdma_cur != s->pdma_start) { - do_cmd(s, get_pdma_buf(s) + s->pdma_start); + s->do_cmd = 0; + if (!fifo8_is_empty(&s->cmdfifo)) { + s->cmdfifo_cdb_offset = 1; + do_cmd(s); } } static void handle_satn(ESPState *s) { - uint8_t buf[32]; - int len; + int32_t cmdlen; if (s->dma && !s->dma_enabled) { s->dma_cb = handle_satn; return; } s->pdma_cb = satn_pdma_cb; - len = get_cmd(s, buf, sizeof(buf)); - if (len) - do_cmd(s, buf); + cmdlen = get_cmd(s, ESP_CMDFIFO_SZ); + if (cmdlen > 0) { + s->cmdfifo_cdb_offset = 1; + do_cmd(s); + } else if (cmdlen == 0) { + s->do_cmd = 1; + /* Target present, but no cmd yet - switch to command phase */ + s->rregs[ESP_RSEQ] = SEQ_CD; + s->rregs[ESP_RSTAT] = STAT_CD; + } } static void s_without_satn_pdma_cb(ESPState *s) { - if (get_cmd_cb(s) < 0) { - return; - } - if (s->pdma_cur != s->pdma_start) { - do_busid_cmd(s, get_pdma_buf(s) + s->pdma_start, 0); + uint32_t len; + + s->do_cmd = 0; + len = fifo8_num_used(&s->cmdfifo); + if (len) { + s->cmdfifo_cdb_offset = 0; + do_busid_cmd(s, 0); } } static void handle_s_without_atn(ESPState *s) { - uint8_t buf[32]; - int len; + int32_t cmdlen; if (s->dma && !s->dma_enabled) { s->dma_cb = handle_s_without_atn; return; } s->pdma_cb = s_without_satn_pdma_cb; - len = get_cmd(s, buf, sizeof(buf)); - if (len) { - do_busid_cmd(s, buf, 0); + cmdlen = get_cmd(s, ESP_CMDFIFO_SZ); + if (cmdlen > 0) { + s->cmdfifo_cdb_offset = 0; + do_busid_cmd(s, 0); + } else if (cmdlen == 0) { + s->do_cmd = 1; + /* Target present, but no cmd yet - switch to command phase */ + s->rregs[ESP_RSEQ] = SEQ_CD; + s->rregs[ESP_RSTAT] = STAT_CD; } } static void satn_stop_pdma_cb(ESPState *s) { - if (get_cmd_cb(s) < 0) { - return; - } - s->cmdlen = s->pdma_cur - s->pdma_start; - if (s->cmdlen) { - trace_esp_handle_satn_stop(s->cmdlen); + s->do_cmd = 0; + if (!fifo8_is_empty(&s->cmdfifo)) { + trace_esp_handle_satn_stop(fifo8_num_used(&s->cmdfifo)); s->do_cmd = 1; + s->cmdfifo_cdb_offset = 1; s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD; - s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; + s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC; s->rregs[ESP_RSEQ] = SEQ_CD; esp_raise_irq(s); } @@ -289,51 +411,62 @@ static void satn_stop_pdma_cb(ESPState *s) static void handle_satn_stop(ESPState *s) { + int32_t cmdlen; + if (s->dma && !s->dma_enabled) { s->dma_cb = handle_satn_stop; return; } s->pdma_cb = satn_stop_pdma_cb; - s->cmdlen = get_cmd(s, s->cmdbuf, sizeof(s->cmdbuf)); - if (s->cmdlen) { - trace_esp_handle_satn_stop(s->cmdlen); + cmdlen = get_cmd(s, 1); + if (cmdlen > 0) { + trace_esp_handle_satn_stop(fifo8_num_used(&s->cmdfifo)); s->do_cmd = 1; - s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD; - s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; - s->rregs[ESP_RSEQ] = SEQ_CD; + s->cmdfifo_cdb_offset = 1; + s->rregs[ESP_RSTAT] = STAT_MO; + s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC; + s->rregs[ESP_RSEQ] = SEQ_MO; esp_raise_irq(s); + } else if (cmdlen == 0) { + s->do_cmd = 1; + /* Target present, switch to message out phase */ + s->rregs[ESP_RSEQ] = SEQ_MO; + s->rregs[ESP_RSTAT] = STAT_MO; } } static void write_response_pdma_cb(ESPState *s) { s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST; - s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; + s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC; s->rregs[ESP_RSEQ] = SEQ_CD; esp_raise_irq(s); } static void write_response(ESPState *s) { + uint32_t n; + trace_esp_write_response(s->status); - s->ti_buf[0] = s->status; - s->ti_buf[1] = 0; + + fifo8_reset(&s->fifo); + esp_fifo_push(s, s->status); + esp_fifo_push(s, 0); + if (s->dma) { if (s->dma_memory_write) { - s->dma_memory_write(s->dma_opaque, s->ti_buf, 2); + s->dma_memory_write(s->dma_opaque, + (uint8_t *)fifo8_pop_buf(&s->fifo, 2, &n), 2); s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST; - s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; + s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC; s->rregs[ESP_RSEQ] = SEQ_CD; } else { - set_pdma(s, TI, 0, 2); s->pdma_cb = write_response_pdma_cb; esp_raise_drq(s); return; } } else { s->ti_size = 2; - s->ti_rptr = 0; - s->ti_wptr = 2; s->rregs[ESP_RFLAGS] = 2; } esp_raise_irq(s); @@ -342,77 +475,133 @@ static void write_response(ESPState *s) static void esp_dma_done(ESPState *s) { s->rregs[ESP_RSTAT] |= STAT_TC; - s->rregs[ESP_RINTR] = INTR_BS; + s->rregs[ESP_RINTR] |= INTR_BS; s->rregs[ESP_RSEQ] = 0; s->rregs[ESP_RFLAGS] = 0; - s->rregs[ESP_TCLO] = 0; - s->rregs[ESP_TCMID] = 0; - s->rregs[ESP_TCHI] = 0; + esp_set_tc(s, 0); esp_raise_irq(s); } static void do_dma_pdma_cb(ESPState *s) { - int to_device = (s->ti_size < 0); - int len = s->pdma_cur - s->pdma_start; + int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO); + int len; + uint32_t n; + if (s->do_cmd) { s->ti_size = 0; - s->cmdlen = 0; s->do_cmd = 0; - do_cmd(s, s->cmdbuf); + do_cmd(s); + esp_lower_drq(s); return; } - s->dma_left -= len; - s->async_buf += len; - s->async_len -= len; + if (to_device) { - s->ti_size += len; + /* Copy FIFO data to device */ + len = MIN(s->async_len, ESP_FIFO_SZ); + len = MIN(len, fifo8_num_used(&s->fifo)); + memcpy(s->async_buf, fifo8_pop_buf(&s->fifo, len, &n), len); + s->async_buf += n; + s->async_len -= n; + s->ti_size += n; + + if (n < len) { + /* Unaligned accesses can cause FIFO wraparound */ + len = len - n; + memcpy(s->async_buf, fifo8_pop_buf(&s->fifo, len, &n), len); + s->async_buf += n; + s->async_len -= n; + s->ti_size += n; + } + + if (s->async_len == 0) { + scsi_req_continue(s->current_req); + return; + } + + if (esp_get_tc(s) == 0) { + esp_lower_drq(s); + esp_dma_done(s); + } + + return; } else { - s->ti_size -= len; - } - if (s->async_len == 0) { - scsi_req_continue(s->current_req); - /* - * If there is still data to be read from the device then - * complete the DMA operation immediately. Otherwise defer - * until the scsi layer has completed. - */ - if (to_device || s->dma_left != 0 || s->ti_size == 0) { + if (s->async_len == 0) { + if (s->current_req) { + /* Defer until the scsi layer has completed */ + scsi_req_continue(s->current_req); + s->data_in_ready = false; + } return; } - } - /* Partially filled a scsi buffer. Complete immediately. */ - esp_dma_done(s); + if (esp_get_tc(s) != 0) { + /* Copy device data to FIFO */ + len = MIN(s->async_len, esp_get_tc(s)); + len = MIN(len, fifo8_num_free(&s->fifo)); + fifo8_push_all(&s->fifo, s->async_buf, len); + s->async_buf += len; + s->async_len -= len; + s->ti_size -= len; + esp_set_tc(s, esp_get_tc(s) - len); + + if (esp_get_tc(s) == 0) { + /* Indicate transfer to FIFO is complete */ + s->rregs[ESP_RSTAT] |= STAT_TC; + } + return; + } + + /* Partially filled a scsi buffer. Complete immediately. */ + esp_lower_drq(s); + esp_dma_done(s); + } } static void esp_do_dma(ESPState *s) { - uint32_t len; - int to_device; + uint32_t len, cmdlen; + int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO); + uint8_t buf[ESP_CMDFIFO_SZ]; - len = s->dma_left; + len = esp_get_tc(s); if (s->do_cmd) { /* * handle_ti_cmd() case: esp_do_dma() is called only from * handle_ti_cmd() with do_cmd != NULL (see the assert()) */ - trace_esp_do_dma(s->cmdlen, len); - assert (s->cmdlen <= sizeof(s->cmdbuf) && - len <= sizeof(s->cmdbuf) - s->cmdlen); + cmdlen = fifo8_num_used(&s->cmdfifo); + trace_esp_do_dma(cmdlen, len); if (s->dma_memory_read) { - s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len); + s->dma_memory_read(s->dma_opaque, buf, len); + fifo8_push_all(&s->cmdfifo, buf, len); } else { - set_pdma(s, CMD, s->cmdlen, len); s->pdma_cb = do_dma_pdma_cb; esp_raise_drq(s); return; } - trace_esp_handle_ti_cmd(s->cmdlen); + trace_esp_handle_ti_cmd(cmdlen); s->ti_size = 0; - s->cmdlen = 0; - s->do_cmd = 0; - do_cmd(s, s->cmdbuf); + if ((s->rregs[ESP_RSTAT] & 7) == STAT_CD) { + /* No command received */ + if (s->cmdfifo_cdb_offset == fifo8_num_used(&s->cmdfifo)) { + return; + } + + /* Command has been received */ + s->do_cmd = 0; + do_cmd(s); + } else { + /* + * Extra message out bytes received: update cmdfifo_cdb_offset + * and then switch to commmand phase + */ + s->cmdfifo_cdb_offset = fifo8_num_used(&s->cmdfifo); + s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD; + s->rregs[ESP_RSEQ] = SEQ_CD; + s->rregs[ESP_RINTR] |= INTR_BS; + esp_raise_irq(s); + } return; } if (s->async_len == 0) { @@ -422,12 +611,10 @@ static void esp_do_dma(ESPState *s) if (len > s->async_len) { len = s->async_len; } - to_device = (s->ti_size < 0); if (to_device) { if (s->dma_memory_read) { s->dma_memory_read(s->dma_opaque, s->async_buf, len); } else { - set_pdma(s, ASYNC, 0, len); s->pdma_cb = do_dma_pdma_cb; esp_raise_drq(s); return; @@ -436,48 +623,145 @@ static void esp_do_dma(ESPState *s) if (s->dma_memory_write) { s->dma_memory_write(s->dma_opaque, s->async_buf, len); } else { - set_pdma(s, ASYNC, 0, len); + /* Adjust TC for any leftover data in the FIFO */ + if (!fifo8_is_empty(&s->fifo)) { + esp_set_tc(s, esp_get_tc(s) - fifo8_num_used(&s->fifo)); + } + + /* Copy device data to FIFO */ + len = MIN(len, fifo8_num_free(&s->fifo)); + fifo8_push_all(&s->fifo, s->async_buf, len); + s->async_buf += len; + s->async_len -= len; + s->ti_size -= len; + + /* + * MacOS toolbox uses a TI length of 16 bytes for all commands, so + * commands shorter than this must be padded accordingly + */ + if (len < esp_get_tc(s) && esp_get_tc(s) <= ESP_FIFO_SZ) { + while (fifo8_num_used(&s->fifo) < ESP_FIFO_SZ) { + esp_fifo_push(s, 0); + len++; + } + } + + esp_set_tc(s, esp_get_tc(s) - len); s->pdma_cb = do_dma_pdma_cb; esp_raise_drq(s); + + /* Indicate transfer to FIFO is complete */ + s->rregs[ESP_RSTAT] |= STAT_TC; return; } } - s->dma_left -= len; + esp_set_tc(s, esp_get_tc(s) - len); s->async_buf += len; s->async_len -= len; - if (to_device) + if (to_device) { s->ti_size += len; - else + } else { s->ti_size -= len; + } if (s->async_len == 0) { scsi_req_continue(s->current_req); - /* If there is still data to be read from the device then - complete the DMA operation immediately. Otherwise defer - until the scsi layer has completed. */ - if (to_device || s->dma_left != 0 || s->ti_size == 0) { + /* + * If there is still data to be read from the device then + * complete the DMA operation immediately. Otherwise defer + * until the scsi layer has completed. + */ + if (to_device || esp_get_tc(s) != 0 || s->ti_size == 0) { return; } } /* Partially filled a scsi buffer. Complete immediately. */ esp_dma_done(s); + esp_lower_drq(s); } -static void esp_report_command_complete(ESPState *s, uint32_t status) +static void esp_do_nodma(ESPState *s) { + int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO); + uint32_t cmdlen, n; + int len; + + if (s->do_cmd) { + cmdlen = fifo8_num_used(&s->cmdfifo); + trace_esp_handle_ti_cmd(cmdlen); + s->ti_size = 0; + if ((s->rregs[ESP_RSTAT] & 7) == STAT_CD) { + /* No command received */ + if (s->cmdfifo_cdb_offset == fifo8_num_used(&s->cmdfifo)) { + return; + } + + /* Command has been received */ + s->do_cmd = 0; + do_cmd(s); + } else { + /* + * Extra message out bytes received: update cmdfifo_cdb_offset + * and then switch to commmand phase + */ + s->cmdfifo_cdb_offset = fifo8_num_used(&s->cmdfifo); + s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD; + s->rregs[ESP_RSEQ] = SEQ_CD; + s->rregs[ESP_RINTR] |= INTR_BS; + esp_raise_irq(s); + } + return; + } + + if (s->async_len == 0) { + /* Defer until data is available. */ + return; + } + + if (to_device) { + len = MIN(fifo8_num_used(&s->fifo), ESP_FIFO_SZ); + memcpy(s->async_buf, fifo8_pop_buf(&s->fifo, len, &n), len); + s->async_buf += len; + s->async_len -= len; + s->ti_size += len; + } else { + len = MIN(s->ti_size, s->async_len); + len = MIN(len, fifo8_num_free(&s->fifo)); + fifo8_push_all(&s->fifo, s->async_buf, len); + s->async_buf += len; + s->async_len -= len; + s->ti_size -= len; + } + + if (s->async_len == 0) { + scsi_req_continue(s->current_req); + + if (to_device || s->ti_size == 0) { + return; + } + } + + s->rregs[ESP_RINTR] |= INTR_BS; + esp_raise_irq(s); +} + +void esp_command_complete(SCSIRequest *req, size_t resid) +{ + ESPState *s = req->hba_private; + trace_esp_command_complete(); if (s->ti_size != 0) { trace_esp_command_complete_unexpected(); } s->ti_size = 0; - s->dma_left = 0; s->async_len = 0; - if (status) { + if (req->status) { trace_esp_command_complete_fail(); } - s->status = status; + s->status = req->status; s->rregs[ESP_RSTAT] = STAT_ST; esp_dma_done(s); + esp_lower_drq(s); if (s->current_req) { scsi_req_unref(s->current_req); s->current_req = NULL; @@ -485,73 +769,83 @@ static void esp_report_command_complete(ESPState *s, uint32_t status) } } -void esp_command_complete(SCSIRequest *req, size_t resid) +void esp_transfer_data(SCSIRequest *req, uint32_t len) { ESPState *s = req->hba_private; + int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO); + uint32_t dmalen = esp_get_tc(s); - if (s->rregs[ESP_RSTAT] & STAT_INT) { - /* Defer handling command complete until the previous - * interrupt has been handled. + assert(!s->do_cmd); + trace_esp_transfer_data(dmalen, s->ti_size); + s->async_len = len; + s->async_buf = scsi_req_get_buf(req); + + if (!to_device && !s->data_in_ready) { + /* + * Initial incoming data xfer is complete so raise command + * completion interrupt */ - trace_esp_command_complete_deferred(); - s->deferred_status = req->status; - s->deferred_complete = true; + s->data_in_ready = true; + s->rregs[ESP_RSTAT] |= STAT_TC; + s->rregs[ESP_RINTR] |= INTR_BS; + esp_raise_irq(s); + + /* + * If data is ready to transfer and the TI command has already + * been executed, start DMA immediately. Otherwise DMA will start + * when host sends the TI command + */ + if (s->ti_size && (s->rregs[ESP_CMD] == (CMD_TI | CMD_DMA))) { + esp_do_dma(s); + } return; } - esp_report_command_complete(s, req->status); -} -void esp_transfer_data(SCSIRequest *req, uint32_t len) -{ - ESPState *s = req->hba_private; + if (s->ti_cmd == 0) { + /* + * Always perform the initial transfer upon reception of the next TI + * command to ensure the DMA/non-DMA status of the command is correct. + * It is not possible to use s->dma directly in the section below as + * some OSs send non-DMA NOP commands after a DMA transfer. Hence if the + * async data transfer is delayed then s->dma is set incorrectly. + */ + return; + } - assert(!s->do_cmd); - trace_esp_transfer_data(s->dma_left, s->ti_size); - s->async_len = len; - s->async_buf = scsi_req_get_buf(req); - if (s->dma_left) { - esp_do_dma(s); - } else if (s->dma_counter != 0 && s->ti_size <= 0) { - /* If this was the last part of a DMA transfer then the - completion interrupt is deferred to here. */ - esp_dma_done(s); + if (s->ti_cmd & CMD_DMA) { + if (dmalen) { + esp_do_dma(s); + } else if (s->ti_size <= 0) { + /* + * If this was the last part of a DMA transfer then the + * completion interrupt is deferred to here. + */ + esp_dma_done(s); + esp_lower_drq(s); + } + } else { + esp_do_nodma(s); } } static void handle_ti(ESPState *s) { - uint32_t dmalen, minlen; + uint32_t dmalen; if (s->dma && !s->dma_enabled) { s->dma_cb = handle_ti; return; } - dmalen = s->rregs[ESP_TCLO]; - dmalen |= s->rregs[ESP_TCMID] << 8; - dmalen |= s->rregs[ESP_TCHI] << 16; - if (dmalen==0) { - dmalen=0x10000; - } - s->dma_counter = dmalen; - - if (s->do_cmd) - minlen = (dmalen < ESP_CMDBUF_SZ) ? dmalen : ESP_CMDBUF_SZ; - else if (s->ti_size < 0) - minlen = (dmalen < -s->ti_size) ? dmalen : -s->ti_size; - else - minlen = (dmalen < s->ti_size) ? dmalen : s->ti_size; - trace_esp_handle_ti(minlen); + s->ti_cmd = s->rregs[ESP_CMD]; if (s->dma) { - s->dma_left = minlen; + dmalen = esp_get_tc(s); + trace_esp_handle_ti(dmalen); s->rregs[ESP_RSTAT] &= ~STAT_TC; esp_do_dma(s); - } else if (s->do_cmd) { - trace_esp_handle_ti_cmd(s->cmdlen); - s->ti_size = 0; - s->cmdlen = 0; - s->do_cmd = 0; - do_cmd(s, s->cmdbuf); + } else { + trace_esp_handle_ti(s->ti_size); + esp_do_nodma(s); } } @@ -561,8 +855,8 @@ void esp_hard_reset(ESPState *s) memset(s->wregs, 0, ESP_REGS); s->tchi_written = 0; s->ti_size = 0; - s->ti_rptr = 0; - s->ti_wptr = 0; + fifo8_reset(&s->fifo); + fifo8_reset(&s->cmdfifo); s->dma = 0; s->do_cmd = 0; s->dma_cb = NULL; @@ -586,46 +880,50 @@ static void parent_esp_reset(ESPState *s, int irq, int level) uint64_t esp_reg_read(ESPState *s, uint32_t saddr) { - uint32_t old_val; + uint32_t val; - trace_esp_mem_readb(saddr, s->rregs[saddr]); switch (saddr) { case ESP_FIFO: - if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) { + if (s->dma_memory_read && s->dma_memory_write && + (s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) { /* Data out. */ qemu_log_mask(LOG_UNIMP, "esp: PIO data read not implemented\n"); s->rregs[ESP_FIFO] = 0; - } else if (s->ti_rptr < s->ti_wptr) { - s->ti_size--; - s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++]; - } - if (s->ti_rptr == s->ti_wptr) { - s->ti_rptr = 0; - s->ti_wptr = 0; + } else { + s->rregs[ESP_FIFO] = esp_fifo_pop(s); } + val = s->rregs[ESP_FIFO]; break; case ESP_RINTR: - /* Clear sequence step, interrupt register and all status bits - except TC */ - old_val = s->rregs[ESP_RINTR]; + /* + * Clear sequence step, interrupt register and all status bits + * except TC + */ + val = s->rregs[ESP_RINTR]; s->rregs[ESP_RINTR] = 0; s->rregs[ESP_RSTAT] &= ~STAT_TC; - s->rregs[ESP_RSEQ] = SEQ_CD; + s->rregs[ESP_RSEQ] = SEQ_0; esp_lower_irq(s); - if (s->deferred_complete) { - esp_report_command_complete(s, s->deferred_status); - s->deferred_complete = false; - } - return old_val; + break; case ESP_TCHI: /* Return the unique id if the value has never been written */ if (!s->tchi_written) { - return s->chip_id; + val = s->chip_id; + } else { + val = s->rregs[saddr]; } + break; + case ESP_RFLAGS: + /* Bottom 5 bits indicate number of bytes in FIFO */ + val = fifo8_num_used(&s->fifo); + break; default: + val = s->rregs[saddr]; break; } - return s->rregs[saddr]; + + trace_esp_mem_readb(saddr, val); + return val; } void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) @@ -641,16 +939,15 @@ void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) break; case ESP_FIFO: if (s->do_cmd) { - if (s->cmdlen < ESP_CMDBUF_SZ) { - s->cmdbuf[s->cmdlen++] = val & 0xff; - } else { - trace_esp_error_fifo_overrun(); - } - } else if (s->ti_wptr == TI_BUFSZ - 1) { - trace_esp_error_fifo_overrun(); + esp_cmdfifo_push(s, val); } else { - s->ti_size++; - s->ti_buf[s->ti_wptr++] = val & 0xff; + esp_fifo_push(s, val); + } + + /* Non-DMA transfers raise an interrupt after every byte */ + if (s->rregs[ESP_CMD] == CMD_TI) { + s->rregs[ESP_RINTR] |= INTR_FC | INTR_BS; + esp_raise_irq(s); } break; case ESP_CMD: @@ -658,22 +955,21 @@ void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) if (val & CMD_DMA) { s->dma = 1; /* Reload DMA counter. */ - s->rregs[ESP_TCLO] = s->wregs[ESP_TCLO]; - s->rregs[ESP_TCMID] = s->wregs[ESP_TCMID]; - s->rregs[ESP_TCHI] = s->wregs[ESP_TCHI]; + if (esp_get_stc(s) == 0) { + esp_set_tc(s, 0x10000); + } else { + esp_set_tc(s, esp_get_stc(s)); + } } else { s->dma = 0; } - switch(val & CMD_CMD) { + switch (val & CMD_CMD) { case CMD_NOP: trace_esp_mem_writeb_cmd_nop(val); break; case CMD_FLUSH: trace_esp_mem_writeb_cmd_flush(val); - //s->ti_size = 0; - s->rregs[ESP_RINTR] = INTR_FC; - s->rregs[ESP_RSEQ] = 0; - s->rregs[ESP_RFLAGS] = 0; + fifo8_reset(&s->fifo); break; case CMD_RESET: trace_esp_mem_writeb_cmd_reset(val); @@ -681,23 +977,24 @@ void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) break; case CMD_BUSRESET: trace_esp_mem_writeb_cmd_bus_reset(val); - s->rregs[ESP_RINTR] = INTR_RST; if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) { + s->rregs[ESP_RINTR] |= INTR_RST; esp_raise_irq(s); } break; case CMD_TI: + trace_esp_mem_writeb_cmd_ti(val); handle_ti(s); break; case CMD_ICCS: trace_esp_mem_writeb_cmd_iccs(val); write_response(s); - s->rregs[ESP_RINTR] = INTR_FC; + s->rregs[ESP_RINTR] |= INTR_FC; s->rregs[ESP_RSTAT] |= STAT_MI; break; case CMD_MSGACC: trace_esp_mem_writeb_cmd_msgacc(val); - s->rregs[ESP_RINTR] = INTR_DC; + s->rregs[ESP_RINTR] |= INTR_DC; s->rregs[ESP_RSEQ] = 0; s->rregs[ESP_RFLAGS] = 0; esp_raise_irq(s); @@ -705,7 +1002,7 @@ void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) case CMD_PAD: trace_esp_mem_writeb_cmd_pad(val); s->rregs[ESP_RSTAT] = STAT_TC; - s->rregs[ESP_RINTR] = INTR_FC; + s->rregs[ESP_RINTR] |= INTR_FC; s->rregs[ESP_RSEQ] = 0; break; case CMD_SATN: @@ -763,74 +1060,112 @@ static bool esp_mem_accepts(void *opaque, hwaddr addr, return (size == 1) || (is_write && size == 4); } -static bool esp_pdma_needed(void *opaque) +static bool esp_is_before_version_5(void *opaque, int version_id) { - ESPState *s = opaque; - return s->dma_memory_read == NULL && s->dma_memory_write == NULL && - s->dma_enabled; + ESPState *s = ESP(opaque); + + version_id = MIN(version_id, s->mig_version_id); + return version_id < 5; } -static const VMStateDescription vmstate_esp_pdma = { - .name = "esp/pdma", - .version_id = 1, - .minimum_version_id = 1, - .needed = esp_pdma_needed, - .fields = (VMStateField[]) { - VMSTATE_BUFFER(pdma_buf, ESPState), - VMSTATE_INT32(pdma_origin, ESPState), - VMSTATE_UINT32(pdma_len, ESPState), - VMSTATE_UINT32(pdma_start, ESPState), - VMSTATE_UINT32(pdma_cur, ESPState), - VMSTATE_END_OF_LIST() +static bool esp_is_version_5(void *opaque, int version_id) +{ + ESPState *s = ESP(opaque); + + version_id = MIN(version_id, s->mig_version_id); + return version_id == 5; +} + +static int esp_pre_save(void *opaque) +{ + ESPState *s = ESP(opaque); + + s->mig_version_id = vmstate_esp.version_id; + return 0; +} + +static int esp_post_load(void *opaque, int version_id) +{ + ESPState *s = ESP(opaque); + int len, i; + + version_id = MIN(version_id, s->mig_version_id); + + if (version_id < 5) { + esp_set_tc(s, s->mig_dma_left); + + /* Migrate ti_buf to fifo */ + len = s->mig_ti_wptr - s->mig_ti_rptr; + for (i = 0; i < len; i++) { + fifo8_push(&s->fifo, s->mig_ti_buf[i]); + } + + /* Migrate cmdbuf to cmdfifo */ + for (i = 0; i < s->mig_cmdlen; i++) { + fifo8_push(&s->cmdfifo, s->mig_cmdbuf[i]); + } } -}; + + s->mig_version_id = vmstate_esp.version_id; + return 0; +} const VMStateDescription vmstate_esp = { - .name ="esp", - .version_id = 4, + .name = "esp", + .version_id = 5, .minimum_version_id = 3, + .pre_save = esp_pre_save, + .post_load = esp_post_load, .fields = (VMStateField[]) { VMSTATE_BUFFER(rregs, ESPState), VMSTATE_BUFFER(wregs, ESPState), VMSTATE_INT32(ti_size, ESPState), - VMSTATE_UINT32(ti_rptr, ESPState), - VMSTATE_UINT32(ti_wptr, ESPState), - VMSTATE_BUFFER(ti_buf, ESPState), + VMSTATE_UINT32_TEST(mig_ti_rptr, ESPState, esp_is_before_version_5), + VMSTATE_UINT32_TEST(mig_ti_wptr, ESPState, esp_is_before_version_5), + VMSTATE_BUFFER_TEST(mig_ti_buf, ESPState, esp_is_before_version_5), VMSTATE_UINT32(status, ESPState), - VMSTATE_UINT32(deferred_status, ESPState), - VMSTATE_BOOL(deferred_complete, ESPState), + VMSTATE_UINT32_TEST(mig_deferred_status, ESPState, + esp_is_before_version_5), + VMSTATE_BOOL_TEST(mig_deferred_complete, ESPState, + esp_is_before_version_5), VMSTATE_UINT32(dma, ESPState), - VMSTATE_PARTIAL_BUFFER(cmdbuf, ESPState, 16), - VMSTATE_BUFFER_START_MIDDLE_V(cmdbuf, ESPState, 16, 4), - VMSTATE_UINT32(cmdlen, ESPState), + VMSTATE_STATIC_BUFFER(mig_cmdbuf, ESPState, 0, + esp_is_before_version_5, 0, 16), + VMSTATE_STATIC_BUFFER(mig_cmdbuf, ESPState, 4, + esp_is_before_version_5, 16, + sizeof(typeof_field(ESPState, mig_cmdbuf))), + VMSTATE_UINT32_TEST(mig_cmdlen, ESPState, esp_is_before_version_5), VMSTATE_UINT32(do_cmd, ESPState), - VMSTATE_UINT32(dma_left, ESPState), + VMSTATE_UINT32_TEST(mig_dma_left, ESPState, esp_is_before_version_5), + VMSTATE_BOOL_TEST(data_in_ready, ESPState, esp_is_version_5), + VMSTATE_UINT8_TEST(cmdfifo_cdb_offset, ESPState, esp_is_version_5), + VMSTATE_FIFO8_TEST(fifo, ESPState, esp_is_version_5), + VMSTATE_FIFO8_TEST(cmdfifo, ESPState, esp_is_version_5), + VMSTATE_UINT8_TEST(ti_cmd, ESPState, esp_is_version_5), VMSTATE_END_OF_LIST() }, - .subsections = (const VMStateDescription * []) { - &vmstate_esp_pdma, - NULL - } }; static void sysbus_esp_mem_write(void *opaque, hwaddr addr, uint64_t val, unsigned int size) { SysBusESPState *sysbus = opaque; + ESPState *s = ESP(&sysbus->esp); uint32_t saddr; saddr = addr >> sysbus->it_shift; - esp_reg_write(&sysbus->esp, saddr, val); + esp_reg_write(s, saddr, val); } static uint64_t sysbus_esp_mem_read(void *opaque, hwaddr addr, unsigned int size) { SysBusESPState *sysbus = opaque; + ESPState *s = ESP(&sysbus->esp); uint32_t saddr; saddr = addr >> sysbus->it_shift; - return esp_reg_read(&sysbus->esp, saddr); + return esp_reg_read(s, saddr); } static const MemoryRegionOps sysbus_esp_mem_ops = { @@ -844,36 +1179,23 @@ static void sysbus_esp_pdma_write(void *opaque, hwaddr addr, uint64_t val, unsigned int size) { SysBusESPState *sysbus = opaque; - ESPState *s = &sysbus->esp; + ESPState *s = ESP(&sysbus->esp); uint32_t dmalen; - uint8_t *buf = get_pdma_buf(s); - dmalen = s->rregs[ESP_TCLO]; - dmalen |= s->rregs[ESP_TCMID] << 8; - dmalen |= s->rregs[ESP_TCHI] << 16; - if (dmalen == 0 || s->pdma_len == 0) { - return; - } + trace_esp_pdma_write(size); + switch (size) { case 1: - buf[s->pdma_cur++] = val; - s->pdma_len--; - dmalen--; + esp_pdma_write(s, val); break; case 2: - buf[s->pdma_cur++] = val >> 8; - buf[s->pdma_cur++] = val; - s->pdma_len -= 2; - dmalen -= 2; + esp_pdma_write(s, val >> 8); + esp_pdma_write(s, val); break; } - s->rregs[ESP_TCLO] = dmalen & 0xff; - s->rregs[ESP_TCMID] = dmalen >> 8; - s->rregs[ESP_TCHI] = dmalen >> 16; - if (s->pdma_len == 0 && s->pdma_cb) { - esp_lower_drq(s); + dmalen = esp_get_tc(s); + if (dmalen == 0 || fifo8_num_free(&s->fifo) < 2) { s->pdma_cb(s); - s->pdma_cb = NULL; } } @@ -881,29 +1203,22 @@ static uint64_t sysbus_esp_pdma_read(void *opaque, hwaddr addr, unsigned int size) { SysBusESPState *sysbus = opaque; - ESPState *s = &sysbus->esp; - uint8_t *buf = get_pdma_buf(s); + ESPState *s = ESP(&sysbus->esp); uint64_t val = 0; - if (s->pdma_len == 0) { - return 0; - } + trace_esp_pdma_read(size); + switch (size) { case 1: - val = buf[s->pdma_cur++]; - s->pdma_len--; + val = esp_pdma_read(s); break; case 2: - val = buf[s->pdma_cur++]; - val = (val << 8) | buf[s->pdma_cur++]; - s->pdma_len -= 2; + val = esp_pdma_read(s); + val = (val << 8) | esp_pdma_read(s); break; } - - if (s->pdma_len == 0 && s->pdma_cb) { - esp_lower_drq(s); + if (fifo8_num_used(&s->fifo) < 2) { s->pdma_cb(s); - s->pdma_cb = NULL; } return val; } @@ -913,7 +1228,9 @@ static const MemoryRegionOps sysbus_esp_pdma_ops = { .write = sysbus_esp_pdma_write, .endianness = DEVICE_NATIVE_ENDIAN, .valid.min_access_size = 1, - .valid.max_access_size = 2, + .valid.max_access_size = 4, + .impl.min_access_size = 1, + .impl.max_access_size = 2, }; static const struct SCSIBusInfo esp_scsi_info = { @@ -928,8 +1245,8 @@ static const struct SCSIBusInfo esp_scsi_info = { static void sysbus_esp_gpio_demux(void *opaque, int irq, int level) { - SysBusESPState *sysbus = ESP(opaque); - ESPState *s = &sysbus->esp; + SysBusESPState *sysbus = SYSBUS_ESP(opaque); + ESPState *s = ESP(&sysbus->esp); switch (irq) { case 0: @@ -944,8 +1261,12 @@ static void sysbus_esp_gpio_demux(void *opaque, int irq, int level) static void sysbus_esp_realize(DeviceState *dev, Error **errp) { SysBusDevice *sbd = SYS_BUS_DEVICE(dev); - SysBusESPState *sysbus = ESP(dev); - ESPState *s = &sysbus->esp; + SysBusESPState *sysbus = SYSBUS_ESP(dev); + ESPState *s = ESP(&sysbus->esp); + + if (!qdev_realize(DEVICE(s), NULL, errp)) { + return; + } sysbus_init_irq(sbd, &s->irq); sysbus_init_irq(sbd, &s->irq_data); @@ -956,7 +1277,7 @@ static void sysbus_esp_realize(DeviceState *dev, Error **errp) sysbus, "esp-regs", ESP_REGS << sysbus->it_shift); sysbus_init_mmio(sbd, &sysbus->iomem); memory_region_init_io(&sysbus->pdma, OBJECT(sysbus), &sysbus_esp_pdma_ops, - sysbus, "esp-pdma", 2); + sysbus, "esp-pdma", 4); sysbus_init_mmio(sbd, &sysbus->pdma); qdev_init_gpio_in(dev, sysbus_esp_gpio_demux, 2); @@ -966,15 +1287,25 @@ static void sysbus_esp_realize(DeviceState *dev, Error **errp) static void sysbus_esp_hard_reset(DeviceState *dev) { - SysBusESPState *sysbus = ESP(dev); - esp_hard_reset(&sysbus->esp); + SysBusESPState *sysbus = SYSBUS_ESP(dev); + ESPState *s = ESP(&sysbus->esp); + + esp_hard_reset(s); +} + +static void sysbus_esp_init(Object *obj) +{ + SysBusESPState *sysbus = SYSBUS_ESP(obj); + + object_initialize_child(obj, "esp", &sysbus->esp, TYPE_ESP); } static const VMStateDescription vmstate_sysbus_esp_scsi = { .name = "sysbusespscsi", - .version_id = 1, + .version_id = 2, .minimum_version_id = 1, .fields = (VMStateField[]) { + VMSTATE_UINT8_V(esp.mig_version_id, SysBusESPState, 2), VMSTATE_STRUCT(esp, SysBusESPState, 0, vmstate_esp, ESPState), VMSTATE_END_OF_LIST() } @@ -991,15 +1322,51 @@ static void sysbus_esp_class_init(ObjectClass *klass, void *data) } static const TypeInfo sysbus_esp_info = { - .name = TYPE_ESP, + .name = TYPE_SYSBUS_ESP, .parent = TYPE_SYS_BUS_DEVICE, + .instance_init = sysbus_esp_init, .instance_size = sizeof(SysBusESPState), .class_init = sysbus_esp_class_init, }; +static void esp_finalize(Object *obj) +{ + ESPState *s = ESP(obj); + + fifo8_destroy(&s->fifo); + fifo8_destroy(&s->cmdfifo); +} + +static void esp_init(Object *obj) +{ + ESPState *s = ESP(obj); + + fifo8_create(&s->fifo, ESP_FIFO_SZ); + fifo8_create(&s->cmdfifo, ESP_CMDFIFO_SZ); +} + +static void esp_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + /* internal device for sysbusesp/pciespscsi, not user-creatable */ + dc->user_creatable = false; + set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); +} + +static const TypeInfo esp_info = { + .name = TYPE_ESP, + .parent = TYPE_DEVICE, + .instance_init = esp_init, + .instance_finalize = esp_finalize, + .instance_size = sizeof(ESPState), + .class_init = esp_class_init, +}; + static void esp_register_types(void) { type_register_static(&sysbus_esp_info); + type_register_static(&esp_info); } type_init(esp_register_types) diff --git a/hw/scsi/trace-events b/hw/scsi/trace-events index 9788661bfd..1c331fb189 100644 --- a/hw/scsi/trace-events +++ b/hw/scsi/trace-events @@ -159,8 +159,12 @@ esp_error_unhandled_command(uint32_t val) "unhandled command (0x%2.2x)" esp_error_invalid_write(uint32_t val, uint32_t addr) "invalid write of 0x%02x at [0x%x]" esp_raise_irq(void) "Raise IRQ" esp_lower_irq(void) "Lower IRQ" +esp_raise_drq(void) "Raise DREQ" +esp_lower_drq(void) "Lower DREQ" esp_dma_enable(void) "Raise enable" esp_dma_disable(void) "Lower enable" +esp_pdma_read(int size) "pDMA read %u bytes" +esp_pdma_write(int size) "pDMA write %u bytes" esp_get_cmd(uint32_t dmalen, int target) "len %d target %d" esp_do_busid_cmd(uint8_t busid) "busid 0x%x" esp_handle_satn_stop(uint32_t cmdlen) "cmdlen %d" @@ -189,6 +193,7 @@ esp_mem_writeb_cmd_selatn(uint32_t val) "Select with ATN (0x%2.2x)" esp_mem_writeb_cmd_selatns(uint32_t val) "Select with ATN & stop (0x%2.2x)" esp_mem_writeb_cmd_ensel(uint32_t val) "Enable selection (0x%2.2x)" esp_mem_writeb_cmd_dissel(uint32_t val) "Disable selection (0x%2.2x)" +esp_mem_writeb_cmd_ti(uint32_t val) "Transfer Information (0x%2.2x)" # esp-pci.c esp_pci_error_invalid_dma_direction(void) "invalid DMA transfer direction" diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c index 38ca1e33c7..312e2afaf9 100644 --- a/hw/sparc/sun4m.c +++ b/hw/sparc/sun4m.c @@ -334,7 +334,7 @@ static void *sparc32_dma_init(hwaddr dma_base, OBJECT(dma), "espdma")); sysbus_connect_irq(SYS_BUS_DEVICE(espdma), 0, espdma_irq); - esp = ESP(object_resolve_path_component(OBJECT(espdma), "esp")); + esp = SYSBUS_ESP(object_resolve_path_component(OBJECT(espdma), "esp")); ledma = SPARC32_LEDMA_DEVICE(object_resolve_path_component( OBJECT(dma), "ledma")); diff --git a/hw/ssi/xilinx_spips.c b/hw/ssi/xilinx_spips.c index a897034601..1e9dba2039 100644 --- a/hw/ssi/xilinx_spips.c +++ b/hw/ssi/xilinx_spips.c @@ -176,7 +176,8 @@ FIELD(GQSPI_FIFO_CTRL, GENERIC_FIFO_RESET, 0, 1) #define R_GQSPI_GFIFO_THRESH (0x150 / 4) #define R_GQSPI_DATA_STS (0x15c / 4) -/* We use the snapshot register to hold the core state for the currently +/* + * We use the snapshot register to hold the core state for the currently * or most recently executed command. So the generic fifo format is defined * for the snapshot register */ @@ -194,13 +195,6 @@ #define R_GQSPI_MOD_ID (0x1fc / 4) #define R_GQSPI_MOD_ID_RESET (0x10a0000) -#define R_QSPIDMA_DST_CTRL (0x80c / 4) -#define R_QSPIDMA_DST_CTRL_RESET (0x803ffa00) -#define R_QSPIDMA_DST_I_MASK (0x820 / 4) -#define R_QSPIDMA_DST_I_MASK_RESET (0xfe) -#define R_QSPIDMA_DST_CTRL2 (0x824 / 4) -#define R_QSPIDMA_DST_CTRL2_RESET (0x081bfff8) - /* size of TXRX FIFOs */ #define RXFF_A (128) #define TXFF_A (128) @@ -416,15 +410,13 @@ static void xlnx_zynqmp_qspips_reset(DeviceState *d) s->regs[R_GQSPI_GPIO] = 1; s->regs[R_GQSPI_LPBK_DLY_ADJ] = R_GQSPI_LPBK_DLY_ADJ_RESET; s->regs[R_GQSPI_MOD_ID] = R_GQSPI_MOD_ID_RESET; - s->regs[R_QSPIDMA_DST_CTRL] = R_QSPIDMA_DST_CTRL_RESET; - s->regs[R_QSPIDMA_DST_I_MASK] = R_QSPIDMA_DST_I_MASK_RESET; - s->regs[R_QSPIDMA_DST_CTRL2] = R_QSPIDMA_DST_CTRL2_RESET; s->man_start_com_g = false; s->gqspi_irqline = 0; xlnx_zynqmp_qspips_update_ixr(s); } -/* N way (num) in place bit striper. Lay out row wise bits (MSB to LSB) +/* + * N way (num) in place bit striper. Lay out row wise bits (MSB to LSB) * column wise (from element 0 to N-1). num is the length of x, and dir * reverses the direction of the transform. Best illustrated by example: * Each digit in the below array is a single bit (num == 3): @@ -637,8 +629,10 @@ static void xilinx_spips_flush_txfifo(XilinxSPIPS *s) tx_rx[i] = tx; } } else { - /* Extract a dummy byte and generate dummy cycles according to the - * link state */ + /* + * Extract a dummy byte and generate dummy cycles according to the + * link state + */ tx = fifo8_pop(&s->tx_fifo); dummy_cycles = 8 / s->link_state; } @@ -721,8 +715,9 @@ static void xilinx_spips_flush_txfifo(XilinxSPIPS *s) } break; case (SNOOP_ADDR): - /* Address has been transmitted, transmit dummy cycles now if - * needed */ + /* + * Address has been transmitted, transmit dummy cycles now if needed + */ if (s->cmd_dummies < 0) { s->snoop_state = SNOOP_NONE; } else { @@ -876,7 +871,7 @@ static void xlnx_zynqmp_qspips_notify(void *opaque) } static uint64_t xilinx_spips_read(void *opaque, hwaddr addr, - unsigned size) + unsigned size) { XilinxSPIPS *s = opaque; uint32_t mask = ~0; @@ -970,7 +965,7 @@ static uint64_t xlnx_zynqmp_qspips_read(void *opaque, } static void xilinx_spips_write(void *opaque, hwaddr addr, - uint64_t value, unsigned size) + uint64_t value, unsigned size) { int mask = ~0; XilinxSPIPS *s = opaque; @@ -1072,7 +1067,7 @@ static void xilinx_qspips_write(void *opaque, hwaddr addr, } static void xlnx_zynqmp_qspips_write(void *opaque, hwaddr addr, - uint64_t value, unsigned size) + uint64_t value, unsigned size) { XlnxZynqMPQSPIPS *s = XLNX_ZYNQMP_QSPIPS(opaque); uint32_t reg = addr / 4; diff --git a/hw/timer/Kconfig b/hw/timer/Kconfig index 18936ef55b..bac2511715 100644 --- a/hw/timer/Kconfig +++ b/hw/timer/Kconfig @@ -46,5 +46,11 @@ config RENESAS_TMR config RENESAS_CMT bool +config SSE_COUNTER + bool + +config SSE_TIMER + bool + config AVR_TIMER16 bool diff --git a/hw/timer/cmsdk-apb-dualtimer.c b/hw/timer/cmsdk-apb-dualtimer.c index ef49f5852d..d4a509c798 100644 --- a/hw/timer/cmsdk-apb-dualtimer.c +++ b/hw/timer/cmsdk-apb-dualtimer.c @@ -449,7 +449,7 @@ static void cmsdk_apb_dualtimer_reset(DeviceState *dev) s->timeritop = 0; } -static void cmsdk_apb_dualtimer_clk_update(void *opaque) +static void cmsdk_apb_dualtimer_clk_update(void *opaque, ClockEvent event) { CMSDKAPBDualTimer *s = CMSDK_APB_DUALTIMER(opaque); int i; @@ -478,7 +478,8 @@ static void cmsdk_apb_dualtimer_init(Object *obj) sysbus_init_irq(sbd, &s->timermod[i].timerint); } s->timclk = qdev_init_clock_in(DEVICE(s), "TIMCLK", - cmsdk_apb_dualtimer_clk_update, s); + cmsdk_apb_dualtimer_clk_update, s, + ClockUpdate); } static void cmsdk_apb_dualtimer_realize(DeviceState *dev, Error **errp) diff --git a/hw/timer/cmsdk-apb-timer.c b/hw/timer/cmsdk-apb-timer.c index ee51ce3369..68aa1a7636 100644 --- a/hw/timer/cmsdk-apb-timer.c +++ b/hw/timer/cmsdk-apb-timer.c @@ -204,7 +204,7 @@ static void cmsdk_apb_timer_reset(DeviceState *dev) ptimer_transaction_commit(s->timer); } -static void cmsdk_apb_timer_clk_update(void *opaque) +static void cmsdk_apb_timer_clk_update(void *opaque, ClockEvent event) { CMSDKAPBTimer *s = CMSDK_APB_TIMER(opaque); @@ -223,7 +223,7 @@ static void cmsdk_apb_timer_init(Object *obj) sysbus_init_mmio(sbd, &s->iomem); sysbus_init_irq(sbd, &s->timerint); s->pclk = qdev_init_clock_in(DEVICE(s), "pclk", - cmsdk_apb_timer_clk_update, s); + cmsdk_apb_timer_clk_update, s, ClockUpdate); } static void cmsdk_apb_timer_realize(DeviceState *dev, Error **errp) diff --git a/hw/timer/meson.build b/hw/timer/meson.build index 26c2701fd7..a429792b08 100644 --- a/hw/timer/meson.build +++ b/hw/timer/meson.build @@ -32,6 +32,8 @@ softmmu_ss.add(when: 'CONFIG_PXA2XX', if_true: files('pxa2xx_timer.c')) softmmu_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2835_systmr.c')) softmmu_ss.add(when: 'CONFIG_SH_TIMER', if_true: files('sh_timer.c')) softmmu_ss.add(when: 'CONFIG_SLAVIO', if_true: files('slavio_timer.c')) +softmmu_ss.add(when: 'CONFIG_SSE_COUNTER', if_true: files('sse-counter.c')) +softmmu_ss.add(when: 'CONFIG_SSE_TIMER', if_true: files('sse-timer.c')) softmmu_ss.add(when: 'CONFIG_STM32F2XX_TIMER', if_true: files('stm32f2xx_timer.c')) softmmu_ss.add(when: 'CONFIG_XILINX', if_true: files('xilinx_timer.c')) diff --git a/hw/timer/npcm7xx_timer.c b/hw/timer/npcm7xx_timer.c index 36e2c07db2..32f5e021f8 100644 --- a/hw/timer/npcm7xx_timer.c +++ b/hw/timer/npcm7xx_timer.c @@ -138,8 +138,8 @@ static int64_t npcm7xx_timer_count_to_ns(NPCM7xxTimer *t, uint32_t count) /* Convert a time interval in nanoseconds to a timer cycle count. */ static uint32_t npcm7xx_timer_ns_to_count(NPCM7xxTimer *t, int64_t ns) { - return ns / clock_ticks_to_ns(t->ctrl->clock, - npcm7xx_tcsr_prescaler(t->tcsr)); + return clock_ns_to_ticks(t->ctrl->clock, ns) / + npcm7xx_tcsr_prescaler(t->tcsr); } static uint32_t npcm7xx_watchdog_timer_prescaler(const NPCM7xxWatchdogTimer *t) @@ -627,7 +627,7 @@ static void npcm7xx_timer_init(Object *obj) sysbus_init_mmio(sbd, &s->iomem); qdev_init_gpio_out_named(dev, &w->reset_signal, NPCM7XX_WATCHDOG_RESET_GPIO_OUT, 1); - s->clock = qdev_init_clock_in(dev, "clock", NULL, NULL); + s->clock = qdev_init_clock_in(dev, "clock", NULL, NULL, 0); } static const VMStateDescription vmstate_npcm7xx_base_timer = { diff --git a/hw/timer/renesas_tmr.c b/hw/timer/renesas_tmr.c index e03a8155b2..eed39917fe 100644 --- a/hw/timer/renesas_tmr.c +++ b/hw/timer/renesas_tmr.c @@ -46,8 +46,10 @@ REG8(TCCR, 10) FIELD(TCCR, CSS, 3, 2) FIELD(TCCR, TMRIS, 7, 1) -#define INTERNAL 0x01 -#define CASCADING 0x03 +#define CSS_EXTERNAL 0x00 +#define CSS_INTERNAL 0x01 +#define CSS_INVALID 0x02 +#define CSS_CASCADING 0x03 #define CCLR_A 0x01 #define CCLR_B 0x02 @@ -72,7 +74,7 @@ static void update_events(RTMRState *tmr, int ch) /* event not happened */ return ; } - if (FIELD_EX8(tmr->tccr[0], TCCR, CSS) == CASCADING) { + if (FIELD_EX8(tmr->tccr[0], TCCR, CSS) == CSS_CASCADING) { /* cascading mode */ if (ch == 1) { tmr->next[ch] = none; @@ -130,23 +132,32 @@ static uint16_t read_tcnt(RTMRState *tmr, unsigned size, int ch) if (delta > 0) { tmr->tick = now; - if (FIELD_EX8(tmr->tccr[1], TCCR, CSS) == INTERNAL) { + switch (FIELD_EX8(tmr->tccr[1], TCCR, CSS)) { + case CSS_INTERNAL: /* timer1 count update */ elapsed = elapsed_time(tmr, 1, delta); if (elapsed >= 0x100) { ovf = elapsed >> 8; } tcnt[1] = tmr->tcnt[1] + (elapsed & 0xff); + break; + case CSS_INVALID: /* guest error to have set this */ + case CSS_EXTERNAL: /* QEMU doesn't implement these */ + case CSS_CASCADING: + tcnt[1] = tmr->tcnt[1]; + break; } switch (FIELD_EX8(tmr->tccr[0], TCCR, CSS)) { - case INTERNAL: + case CSS_INTERNAL: elapsed = elapsed_time(tmr, 0, delta); tcnt[0] = tmr->tcnt[0] + elapsed; break; - case CASCADING: - if (ovf > 0) { - tcnt[0] = tmr->tcnt[0] + ovf; - } + case CSS_CASCADING: + tcnt[0] = tmr->tcnt[0] + ovf; + break; + case CSS_INVALID: /* guest error to have set this */ + case CSS_EXTERNAL: /* QEMU doesn't implement this */ + tcnt[0] = tmr->tcnt[0]; break; } } else { @@ -330,7 +341,7 @@ static uint16_t issue_event(RTMRState *tmr, int ch, int sz, qemu_irq_pulse(tmr->cmia[ch]); } if (sz == 8 && ch == 0 && - FIELD_EX8(tmr->tccr[1], TCCR, CSS) == CASCADING) { + FIELD_EX8(tmr->tccr[1], TCCR, CSS) == CSS_CASCADING) { tmr->tcnt[1]++; timer_events(tmr, 1); } @@ -362,7 +373,7 @@ static void timer_events(RTMRState *tmr, int ch) uint16_t tcnt; tmr->tcnt[ch] = read_tcnt(tmr, 1, ch); - if (FIELD_EX8(tmr->tccr[0], TCCR, CSS) != CASCADING) { + if (FIELD_EX8(tmr->tccr[0], TCCR, CSS) != CSS_CASCADING) { tmr->tcnt[ch] = issue_event(tmr, ch, 8, tmr->tcnt[ch], tmr->tcora[ch], diff --git a/hw/timer/sse-counter.c b/hw/timer/sse-counter.c new file mode 100644 index 0000000000..0384051f15 --- /dev/null +++ b/hw/timer/sse-counter.c @@ -0,0 +1,474 @@ +/* + * Arm SSE Subsystem System Counter + * + * Copyright (c) 2020 Linaro Limited + * Written by Peter Maydell + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 or + * (at your option) any later version. + */ + +/* + * This is a model of the "System counter" which is documented in + * the Arm SSE-123 Example Subsystem Technical Reference Manual: + * https://developer.arm.com/documentation/101370/latest/ + * + * The system counter is a non-stop 64-bit up-counter. It provides + * this count value to other devices like the SSE system timer, + * which are driven by this system timestamp rather than directly + * from a clock. Internally to the counter the count is actually + * 88-bit precision (64.24 fixed point), with a programmable scale factor. + * + * The hardware has the optional feature that it supports dynamic + * clock switching, where two clock inputs are connected, and which + * one is used is selected via a CLKSEL input signal. Since the + * users of this device in QEMU don't use this feature, we only model + * the HWCLKSW=0 configuration. + */ +#include "qemu/osdep.h" +#include "qemu/log.h" +#include "qemu/timer.h" +#include "qapi/error.h" +#include "trace.h" +#include "hw/timer/sse-counter.h" +#include "hw/sysbus.h" +#include "hw/irq.h" +#include "hw/registerfields.h" +#include "hw/clock.h" +#include "hw/qdev-clock.h" +#include "migration/vmstate.h" + +/* Registers in the control frame */ +REG32(CNTCR, 0x0) + FIELD(CNTCR, EN, 0, 1) + FIELD(CNTCR, HDBG, 1, 1) + FIELD(CNTCR, SCEN, 2, 1) + FIELD(CNTCR, INTRMASK, 3, 1) + FIELD(CNTCR, PSLVERRDIS, 4, 1) + FIELD(CNTCR, INTRCLR, 5, 1) +/* + * Although CNTCR defines interrupt-related bits, the counter doesn't + * appear to actually have an interrupt output. So INTRCLR is + * effectively a RAZ/WI bit, as are the reserved bits [31:6]. + */ +#define CNTCR_VALID_MASK (R_CNTCR_EN_MASK | R_CNTCR_HDBG_MASK | \ + R_CNTCR_SCEN_MASK | R_CNTCR_INTRMASK_MASK | \ + R_CNTCR_PSLVERRDIS_MASK) +REG32(CNTSR, 0x4) +REG32(CNTCV_LO, 0x8) +REG32(CNTCV_HI, 0xc) +REG32(CNTSCR, 0x10) /* Aliased with CNTSCR0 */ +REG32(CNTID, 0x1c) + FIELD(CNTID, CNTSC, 0, 4) + FIELD(CNTID, CNTCS, 16, 1) + FIELD(CNTID, CNTSELCLK, 17, 2) + FIELD(CNTID, CNTSCR_OVR, 19, 1) +REG32(CNTSCR0, 0xd0) +REG32(CNTSCR1, 0xd4) + +/* Registers in the status frame */ +REG32(STATUS_CNTCV_LO, 0x0) +REG32(STATUS_CNTCV_HI, 0x4) + +/* Standard ID registers, present in both frames */ +REG32(PID4, 0xFD0) +REG32(PID5, 0xFD4) +REG32(PID6, 0xFD8) +REG32(PID7, 0xFDC) +REG32(PID0, 0xFE0) +REG32(PID1, 0xFE4) +REG32(PID2, 0xFE8) +REG32(PID3, 0xFEC) +REG32(CID0, 0xFF0) +REG32(CID1, 0xFF4) +REG32(CID2, 0xFF8) +REG32(CID3, 0xFFC) + +/* PID/CID values */ +static const int control_id[] = { + 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ + 0xba, 0xb0, 0x0b, 0x00, /* PID0..PID3 */ + 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ +}; + +static const int status_id[] = { + 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ + 0xbb, 0xb0, 0x0b, 0x00, /* PID0..PID3 */ + 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ +}; + +static void sse_counter_notify_users(SSECounter *s) +{ + /* + * Notify users of the count timestamp that they may + * need to recalculate. + */ + notifier_list_notify(&s->notifier_list, NULL); +} + +static bool sse_counter_enabled(SSECounter *s) +{ + return (s->cntcr & R_CNTCR_EN_MASK) != 0; +} + +uint64_t sse_counter_tick_to_time(SSECounter *s, uint64_t tick) +{ + if (!sse_counter_enabled(s)) { + return UINT64_MAX; + } + + tick -= s->ticks_then; + + if (s->cntcr & R_CNTCR_SCEN_MASK) { + /* Adjust the tick count to account for the scale factor */ + tick = muldiv64(tick, 0x01000000, s->cntscr0); + } + + return s->ns_then + clock_ticks_to_ns(s->clk, tick); +} + +void sse_counter_register_consumer(SSECounter *s, Notifier *notifier) +{ + /* + * For the moment we assume that both we and the devices + * which consume us last for the life of the simulation, + * and so there is no mechanism for removing a notifier. + */ + notifier_list_add(&s->notifier_list, notifier); +} + +uint64_t sse_counter_for_timestamp(SSECounter *s, uint64_t now) +{ + /* Return the CNTCV value for a particular timestamp (clock ns value). */ + uint64_t ticks; + + if (!sse_counter_enabled(s)) { + /* Counter is disabled and does not increment */ + return s->ticks_then; + } + + ticks = clock_ns_to_ticks(s->clk, now - s->ns_then); + if (s->cntcr & R_CNTCR_SCEN_MASK) { + /* + * Scaling is enabled. The CNTSCR value is the amount added to + * the underlying 88-bit counter for every tick of the + * underlying clock; CNTCV is the top 64 bits of that full + * 88-bit value. Multiplying the tick count by CNTSCR tells us + * how much the full 88-bit counter has moved on; we then + * divide that by 0x01000000 to find out how much the 64-bit + * visible portion has advanced. muldiv64() gives us the + * necessary at-least-88-bit precision for the intermediate + * result. + */ + ticks = muldiv64(ticks, s->cntscr0, 0x01000000); + } + return s->ticks_then + ticks; +} + +static uint64_t sse_cntcv(SSECounter *s) +{ + /* Return the CNTCV value for the current time */ + return sse_counter_for_timestamp(s, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); +} + +static void sse_write_cntcv(SSECounter *s, uint32_t value, unsigned startbit) +{ + /* + * Write one 32-bit half of the counter value; startbit is the + * bit position of this half in the 64-bit word, either 0 or 32. + */ + uint64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); + uint64_t cntcv = sse_counter_for_timestamp(s, now); + + cntcv = deposit64(cntcv, startbit, 32, value); + s->ticks_then = cntcv; + s->ns_then = now; + sse_counter_notify_users(s); +} + +static uint64_t sse_counter_control_read(void *opaque, hwaddr offset, + unsigned size) +{ + SSECounter *s = SSE_COUNTER(opaque); + uint64_t r; + + switch (offset) { + case A_CNTCR: + r = s->cntcr; + break; + case A_CNTSR: + /* + * The only bit here is DBGH, indicating that the counter has been + * halted via the Halt-on-Debug signal. We don't implement halting + * debug, so the whole register always reads as zero. + */ + r = 0; + break; + case A_CNTCV_LO: + r = extract64(sse_cntcv(s), 0, 32); + break; + case A_CNTCV_HI: + r = extract64(sse_cntcv(s), 32, 32); + break; + case A_CNTID: + /* + * For our implementation: + * - CNTSCR can only be written when CNTCR.EN == 0 + * - HWCLKSW=0, so selected clock is always CLK0 + * - counter scaling is implemented + */ + r = (1 << R_CNTID_CNTSELCLK_SHIFT) | (1 << R_CNTID_CNTSC_SHIFT); + break; + case A_CNTSCR: + case A_CNTSCR0: + r = s->cntscr0; + break; + case A_CNTSCR1: + /* If HWCLKSW == 0, CNTSCR1 is RAZ/WI */ + r = 0; + break; + case A_PID4 ... A_CID3: + r = control_id[(offset - A_PID4) / 4]; + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Counter control frame read: bad offset 0x%x", + (unsigned)offset); + r = 0; + break; + } + + trace_sse_counter_control_read(offset, r, size); + return r; +} + +static void sse_counter_control_write(void *opaque, hwaddr offset, + uint64_t value, unsigned size) +{ + SSECounter *s = SSE_COUNTER(opaque); + + trace_sse_counter_control_write(offset, value, size); + + switch (offset) { + case A_CNTCR: + /* + * Although CNTCR defines interrupt-related bits, the counter doesn't + * appear to actually have an interrupt output. So INTRCLR is + * effectively a RAZ/WI bit, as are the reserved bits [31:6]. + * The documentation does not explicitly say so, but we assume + * that changing the scale factor while the counter is enabled + * by toggling CNTCR.SCEN has the same behaviour (making the counter + * value UNKNOWN) as changing it by writing to CNTSCR, and so we + * don't need to try to recalculate for that case. + */ + value &= CNTCR_VALID_MASK; + if ((value ^ s->cntcr) & R_CNTCR_EN_MASK) { + /* + * Whether the counter is being enabled or disabled, the + * required action is the same: sync the (ns_then, ticks_then) + * tuple. + */ + uint64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); + s->ticks_then = sse_counter_for_timestamp(s, now); + s->ns_then = now; + sse_counter_notify_users(s); + } + s->cntcr = value; + break; + case A_CNTCV_LO: + sse_write_cntcv(s, value, 0); + break; + case A_CNTCV_HI: + sse_write_cntcv(s, value, 32); + break; + case A_CNTSCR: + case A_CNTSCR0: + /* + * If the scale registers are changed when the counter is enabled, + * the count value becomes UNKNOWN. So we don't try to recalculate + * anything here but only do it on a write to CNTCR.EN. + */ + s->cntscr0 = value; + break; + case A_CNTSCR1: + /* If HWCLKSW == 0, CNTSCR1 is RAZ/WI */ + break; + case A_CNTSR: + case A_CNTID: + case A_PID4 ... A_CID3: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Counter control frame: write to RO offset 0x%x\n", + (unsigned)offset); + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Counter control frame: write to bad offset 0x%x\n", + (unsigned)offset); + break; + } +} + +static uint64_t sse_counter_status_read(void *opaque, hwaddr offset, + unsigned size) +{ + SSECounter *s = SSE_COUNTER(opaque); + uint64_t r; + + switch (offset) { + case A_STATUS_CNTCV_LO: + r = extract64(sse_cntcv(s), 0, 32); + break; + case A_STATUS_CNTCV_HI: + r = extract64(sse_cntcv(s), 32, 32); + break; + case A_PID4 ... A_CID3: + r = status_id[(offset - A_PID4) / 4]; + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Counter status frame read: bad offset 0x%x", + (unsigned)offset); + r = 0; + break; + } + + trace_sse_counter_status_read(offset, r, size); + return r; +} + +static void sse_counter_status_write(void *opaque, hwaddr offset, + uint64_t value, unsigned size) +{ + trace_sse_counter_status_write(offset, value, size); + + switch (offset) { + case A_STATUS_CNTCV_LO: + case A_STATUS_CNTCV_HI: + case A_PID4 ... A_CID3: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Counter status frame: write to RO offset 0x%x\n", + (unsigned)offset); + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Counter status frame: write to bad offset 0x%x\n", + (unsigned)offset); + break; + } +} + +static const MemoryRegionOps sse_counter_control_ops = { + .read = sse_counter_control_read, + .write = sse_counter_control_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .valid.min_access_size = 4, + .valid.max_access_size = 4, +}; + +static const MemoryRegionOps sse_counter_status_ops = { + .read = sse_counter_status_read, + .write = sse_counter_status_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .valid.min_access_size = 4, + .valid.max_access_size = 4, +}; + +static void sse_counter_reset(DeviceState *dev) +{ + SSECounter *s = SSE_COUNTER(dev); + + trace_sse_counter_reset(); + + s->cntcr = 0; + s->cntscr0 = 0x01000000; + s->ns_then = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); + s->ticks_then = 0; +} + +static void sse_clk_callback(void *opaque, ClockEvent event) +{ + SSECounter *s = SSE_COUNTER(opaque); + uint64_t now; + + switch (event) { + case ClockPreUpdate: + /* + * Before the clock period updates, set (ticks_then, ns_then) + * to the current time and tick count (as calculated with + * the old clock period). + */ + if (sse_counter_enabled(s)) { + now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); + s->ticks_then = sse_counter_for_timestamp(s, now); + s->ns_then = now; + } + break; + case ClockUpdate: + sse_counter_notify_users(s); + break; + default: + break; + } +} + +static void sse_counter_init(Object *obj) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + SSECounter *s = SSE_COUNTER(obj); + + notifier_list_init(&s->notifier_list); + + s->clk = qdev_init_clock_in(DEVICE(obj), "CLK", sse_clk_callback, s, + ClockPreUpdate | ClockUpdate); + memory_region_init_io(&s->control_mr, obj, &sse_counter_control_ops, + s, "sse-counter-control", 0x1000); + memory_region_init_io(&s->status_mr, obj, &sse_counter_status_ops, + s, "sse-counter-status", 0x1000); + sysbus_init_mmio(sbd, &s->control_mr); + sysbus_init_mmio(sbd, &s->status_mr); +} + +static void sse_counter_realize(DeviceState *dev, Error **errp) +{ + SSECounter *s = SSE_COUNTER(dev); + + if (!clock_has_source(s->clk)) { + error_setg(errp, "SSE system counter: CLK must be connected"); + return; + } +} + +static const VMStateDescription sse_counter_vmstate = { + .name = "sse-counter", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_CLOCK(clk, SSECounter), + VMSTATE_END_OF_LIST() + } +}; + +static void sse_counter_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->realize = sse_counter_realize; + dc->vmsd = &sse_counter_vmstate; + dc->reset = sse_counter_reset; +} + +static const TypeInfo sse_counter_info = { + .name = TYPE_SSE_COUNTER, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(SSECounter), + .instance_init = sse_counter_init, + .class_init = sse_counter_class_init, +}; + +static void sse_counter_register_types(void) +{ + type_register_static(&sse_counter_info); +} + +type_init(sse_counter_register_types); diff --git a/hw/timer/sse-timer.c b/hw/timer/sse-timer.c new file mode 100644 index 0000000000..8dbe6ac651 --- /dev/null +++ b/hw/timer/sse-timer.c @@ -0,0 +1,470 @@ +/* + * Arm SSE Subsystem System Timer + * + * Copyright (c) 2020 Linaro Limited + * Written by Peter Maydell + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 or + * (at your option) any later version. + */ + +/* + * This is a model of the "System timer" which is documented in + * the Arm SSE-123 Example Subsystem Technical Reference Manual: + * https://developer.arm.com/documentation/101370/latest/ + * + * The timer is based around a simple 64-bit incrementing counter + * (readable from CNTPCT_HI/LO). The timer fires when + * Counter - CompareValue >= 0. + * The CompareValue is guest-writable, via CNTP_CVAL_HI/LO. + * CNTP_TVAL is an alternative view of the CompareValue defined by + * TimerValue = CompareValue[31:0] - Counter[31:0] + * which can be both read and written. + * This part is similar to the generic timer in an Arm A-class CPU. + * + * The timer also has a separate auto-increment timer. When this + * timer is enabled, then the AutoIncrValue is set to: + * AutoIncrValue = Reload + Counter + * and this timer fires when + * Counter - AutoIncrValue >= 0 + * at which point, an interrupt is generated and the new AutoIncrValue + * is calculated. + * When the auto-increment timer is enabled, interrupt generation + * via the compare/timervalue registers is disabled. + */ +#include "qemu/osdep.h" +#include "qemu/log.h" +#include "qemu/timer.h" +#include "qapi/error.h" +#include "trace.h" +#include "hw/timer/sse-timer.h" +#include "hw/timer/sse-counter.h" +#include "hw/sysbus.h" +#include "hw/irq.h" +#include "hw/registerfields.h" +#include "hw/clock.h" +#include "hw/qdev-clock.h" +#include "hw/qdev-properties.h" +#include "migration/vmstate.h" + +REG32(CNTPCT_LO, 0x0) +REG32(CNTPCT_HI, 0x4) +REG32(CNTFRQ, 0x10) +REG32(CNTP_CVAL_LO, 0x20) +REG32(CNTP_CVAL_HI, 0x24) +REG32(CNTP_TVAL, 0x28) +REG32(CNTP_CTL, 0x2c) + FIELD(CNTP_CTL, ENABLE, 0, 1) + FIELD(CNTP_CTL, IMASK, 1, 1) + FIELD(CNTP_CTL, ISTATUS, 2, 1) +REG32(CNTP_AIVAL_LO, 0x40) +REG32(CNTP_AIVAL_HI, 0x44) +REG32(CNTP_AIVAL_RELOAD, 0x48) +REG32(CNTP_AIVAL_CTL, 0x4c) + FIELD(CNTP_AIVAL_CTL, EN, 0, 1) + FIELD(CNTP_AIVAL_CTL, CLR, 1, 1) +REG32(CNTP_CFG, 0x50) + FIELD(CNTP_CFG, AIVAL, 0, 4) +#define R_CNTP_CFG_AIVAL_IMPLEMENTED 1 +REG32(PID4, 0xFD0) +REG32(PID5, 0xFD4) +REG32(PID6, 0xFD8) +REG32(PID7, 0xFDC) +REG32(PID0, 0xFE0) +REG32(PID1, 0xFE4) +REG32(PID2, 0xFE8) +REG32(PID3, 0xFEC) +REG32(CID0, 0xFF0) +REG32(CID1, 0xFF4) +REG32(CID2, 0xFF8) +REG32(CID3, 0xFFC) + +/* PID/CID values */ +static const int timer_id[] = { + 0x04, 0x00, 0x00, 0x00, /* PID4..PID7 */ + 0xb7, 0xb0, 0x0b, 0x00, /* PID0..PID3 */ + 0x0d, 0xf0, 0x05, 0xb1, /* CID0..CID3 */ +}; + +static bool sse_is_autoinc(SSETimer *s) +{ + return (s->cntp_aival_ctl & R_CNTP_AIVAL_CTL_EN_MASK) != 0; +} + +static bool sse_enabled(SSETimer *s) +{ + return (s->cntp_ctl & R_CNTP_CTL_ENABLE_MASK) != 0; +} + +static uint64_t sse_cntpct(SSETimer *s) +{ + /* Return the CNTPCT value for the current time */ + return sse_counter_for_timestamp(s->counter, + qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); +} + +static bool sse_timer_status(SSETimer *s) +{ + /* + * Return true if timer condition is met. This is used for both + * the CNTP_CTL.ISTATUS bit and for whether (unless masked) we + * assert our IRQ. + * The documentation is unclear about the behaviour of ISTATUS when + * in autoincrement mode; we assume that it follows CNTP_AIVAL_CTL.CLR + * (ie whether the autoincrement timer is asserting the interrupt). + */ + if (!sse_enabled(s)) { + return false; + } + + if (sse_is_autoinc(s)) { + return s->cntp_aival_ctl & R_CNTP_AIVAL_CTL_CLR_MASK; + } else { + return sse_cntpct(s) >= s->cntp_cval; + } +} + +static void sse_update_irq(SSETimer *s) +{ + bool irqstate = (!(s->cntp_ctl & R_CNTP_CTL_IMASK_MASK) && + sse_timer_status(s)); + + qemu_set_irq(s->irq, irqstate); +} + +static void sse_set_timer(SSETimer *s, uint64_t nexttick) +{ + /* Set the timer to expire at nexttick */ + uint64_t expiry = sse_counter_tick_to_time(s->counter, nexttick); + + if (expiry <= INT64_MAX) { + timer_mod_ns(&s->timer, expiry); + } else { + /* + * nexttick is so far in the future that it would overflow the + * signed 64-bit range of a QEMUTimer. Since timer_mod_ns() + * expiry times are absolute, not relative, we are never going + * to be able to set the timer to this value, so we must just + * assume that guest execution can never run so long that it + * reaches the theoretical point when the timer fires. + * This is also the code path for "counter is not running", + * which is signalled by expiry == UINT64_MAX. + */ + timer_del(&s->timer); + } +} + +static void sse_recalc_timer(SSETimer *s) +{ + /* Recalculate the normal timer */ + uint64_t count, nexttick; + + if (sse_is_autoinc(s)) { + return; + } + + if (!sse_enabled(s)) { + timer_del(&s->timer); + return; + } + + count = sse_cntpct(s); + + if (count >= s->cntp_cval) { + /* + * Timer condition already met. In theory we have a transition when + * the count rolls back over to 0, but that is so far in the future + * that it is not representable as a timer_mod() expiry, so in + * fact sse_set_timer() will always just delete the timer. + */ + nexttick = UINT64_MAX; + } else { + /* Next transition is when count hits cval */ + nexttick = s->cntp_cval; + } + sse_set_timer(s, nexttick); + sse_update_irq(s); +} + +static void sse_autoinc(SSETimer *s) +{ + /* Auto-increment the AIVAL, and set the timer accordingly */ + s->cntp_aival = sse_cntpct(s) + s->cntp_aival_reload; + sse_set_timer(s, s->cntp_aival); +} + +static void sse_timer_cb(void *opaque) +{ + SSETimer *s = SSE_TIMER(opaque); + + if (sse_is_autoinc(s)) { + uint64_t count = sse_cntpct(s); + + if (count >= s->cntp_aival) { + /* Timer condition met, set CLR and do another autoinc */ + s->cntp_aival_ctl |= R_CNTP_AIVAL_CTL_CLR_MASK; + s->cntp_aival = count + s->cntp_aival_reload; + } + sse_set_timer(s, s->cntp_aival); + sse_update_irq(s); + } else { + sse_recalc_timer(s); + } +} + +static uint64_t sse_timer_read(void *opaque, hwaddr offset, unsigned size) +{ + SSETimer *s = SSE_TIMER(opaque); + uint64_t r; + + switch (offset) { + case A_CNTPCT_LO: + r = extract64(sse_cntpct(s), 0, 32); + break; + case A_CNTPCT_HI: + r = extract64(sse_cntpct(s), 32, 32); + break; + case A_CNTFRQ: + r = s->cntfrq; + break; + case A_CNTP_CVAL_LO: + r = extract64(s->cntp_cval, 0, 32); + break; + case A_CNTP_CVAL_HI: + r = extract64(s->cntp_cval, 32, 32); + break; + case A_CNTP_TVAL: + r = extract64(s->cntp_cval - sse_cntpct(s), 0, 32); + break; + case A_CNTP_CTL: + r = s->cntp_ctl; + if (sse_timer_status(s)) { + r |= R_CNTP_CTL_ISTATUS_MASK; + } + break; + case A_CNTP_AIVAL_LO: + r = extract64(s->cntp_aival, 0, 32); + break; + case A_CNTP_AIVAL_HI: + r = extract64(s->cntp_aival, 32, 32); + break; + case A_CNTP_AIVAL_RELOAD: + r = s->cntp_aival_reload; + break; + case A_CNTP_AIVAL_CTL: + /* + * All the bits of AIVAL_CTL are documented as WO, but this is probably + * a documentation error. We implement them as readable. + */ + r = s->cntp_aival_ctl; + break; + case A_CNTP_CFG: + r = R_CNTP_CFG_AIVAL_IMPLEMENTED << R_CNTP_CFG_AIVAL_SHIFT; + break; + case A_PID4 ... A_CID3: + r = timer_id[(offset - A_PID4) / 4]; + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Timer read: bad offset 0x%x", + (unsigned) offset); + r = 0; + break; + } + + trace_sse_timer_read(offset, r, size); + return r; +} + +static void sse_timer_write(void *opaque, hwaddr offset, uint64_t value, + unsigned size) +{ + SSETimer *s = SSE_TIMER(opaque); + + trace_sse_timer_write(offset, value, size); + + switch (offset) { + case A_CNTFRQ: + s->cntfrq = value; + break; + case A_CNTP_CVAL_LO: + s->cntp_cval = deposit64(s->cntp_cval, 0, 32, value); + sse_recalc_timer(s); + break; + case A_CNTP_CVAL_HI: + s->cntp_cval = deposit64(s->cntp_cval, 32, 32, value); + sse_recalc_timer(s); + break; + case A_CNTP_TVAL: + s->cntp_cval = sse_cntpct(s) + sextract64(value, 0, 32); + sse_recalc_timer(s); + break; + case A_CNTP_CTL: + { + uint32_t old_ctl = s->cntp_ctl; + value &= R_CNTP_CTL_ENABLE_MASK | R_CNTP_CTL_IMASK_MASK; + s->cntp_ctl = value; + if ((old_ctl ^ s->cntp_ctl) & R_CNTP_CTL_ENABLE_MASK) { + if (sse_enabled(s)) { + if (sse_is_autoinc(s)) { + sse_autoinc(s); + } else { + sse_recalc_timer(s); + } + } + } + sse_update_irq(s); + break; + } + case A_CNTP_AIVAL_RELOAD: + s->cntp_aival_reload = value; + break; + case A_CNTP_AIVAL_CTL: + { + uint32_t old_ctl = s->cntp_aival_ctl; + + /* EN bit is writeable; CLR bit is write-0-to-clear, write-1-ignored */ + s->cntp_aival_ctl &= ~R_CNTP_AIVAL_CTL_EN_MASK; + s->cntp_aival_ctl |= value & R_CNTP_AIVAL_CTL_EN_MASK; + if (!(value & R_CNTP_AIVAL_CTL_CLR_MASK)) { + s->cntp_aival_ctl &= ~R_CNTP_AIVAL_CTL_CLR_MASK; + } + if ((old_ctl ^ s->cntp_aival_ctl) & R_CNTP_AIVAL_CTL_EN_MASK) { + /* Auto-increment toggled on/off */ + if (sse_enabled(s)) { + if (sse_is_autoinc(s)) { + sse_autoinc(s); + } else { + sse_recalc_timer(s); + } + } + } + sse_update_irq(s); + break; + } + case A_CNTPCT_LO: + case A_CNTPCT_HI: + case A_CNTP_CFG: + case A_CNTP_AIVAL_LO: + case A_CNTP_AIVAL_HI: + case A_PID4 ... A_CID3: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Timer write: write to RO offset 0x%x\n", + (unsigned)offset); + break; + default: + qemu_log_mask(LOG_GUEST_ERROR, + "SSE System Timer write: bad offset 0x%x\n", + (unsigned)offset); + break; + } +} + +static const MemoryRegionOps sse_timer_ops = { + .read = sse_timer_read, + .write = sse_timer_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .valid.min_access_size = 4, + .valid.max_access_size = 4, +}; + +static void sse_timer_reset(DeviceState *dev) +{ + SSETimer *s = SSE_TIMER(dev); + + trace_sse_timer_reset(); + + timer_del(&s->timer); + s->cntfrq = 0; + s->cntp_ctl = 0; + s->cntp_cval = 0; + s->cntp_aival = 0; + s->cntp_aival_ctl = 0; + s->cntp_aival_reload = 0; +} + +static void sse_timer_counter_callback(Notifier *notifier, void *data) +{ + SSETimer *s = container_of(notifier, SSETimer, counter_notifier); + + /* System counter told us we need to recalculate */ + if (sse_enabled(s)) { + if (sse_is_autoinc(s)) { + sse_set_timer(s, s->cntp_aival); + } else { + sse_recalc_timer(s); + } + } +} + +static void sse_timer_init(Object *obj) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + SSETimer *s = SSE_TIMER(obj); + + memory_region_init_io(&s->iomem, obj, &sse_timer_ops, + s, "sse-timer", 0x1000); + sysbus_init_mmio(sbd, &s->iomem); + sysbus_init_irq(sbd, &s->irq); +} + +static void sse_timer_realize(DeviceState *dev, Error **errp) +{ + SSETimer *s = SSE_TIMER(dev); + + if (!s->counter) { + error_setg(errp, "counter property was not set"); + } + + s->counter_notifier.notify = sse_timer_counter_callback; + sse_counter_register_consumer(s->counter, &s->counter_notifier); + + timer_init_ns(&s->timer, QEMU_CLOCK_VIRTUAL, sse_timer_cb, s); +} + +static const VMStateDescription sse_timer_vmstate = { + .name = "sse-timer", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_TIMER(timer, SSETimer), + VMSTATE_UINT32(cntfrq, SSETimer), + VMSTATE_UINT32(cntp_ctl, SSETimer), + VMSTATE_UINT64(cntp_cval, SSETimer), + VMSTATE_UINT64(cntp_aival, SSETimer), + VMSTATE_UINT32(cntp_aival_ctl, SSETimer), + VMSTATE_UINT32(cntp_aival_reload, SSETimer), + VMSTATE_END_OF_LIST() + } +}; + +static Property sse_timer_properties[] = { + DEFINE_PROP_LINK("counter", SSETimer, counter, TYPE_SSE_COUNTER, SSECounter *), + DEFINE_PROP_END_OF_LIST(), +}; + +static void sse_timer_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->realize = sse_timer_realize; + dc->vmsd = &sse_timer_vmstate; + dc->reset = sse_timer_reset; + device_class_set_props(dc, sse_timer_properties); +} + +static const TypeInfo sse_timer_info = { + .name = TYPE_SSE_TIMER, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(SSETimer), + .instance_init = sse_timer_init, + .class_init = sse_timer_class_init, +}; + +static void sse_timer_register_types(void) +{ + type_register_static(&sse_timer_info); +} + +type_init(sse_timer_register_types); diff --git a/hw/timer/trace-events b/hw/timer/trace-events index 7a4326d956..f8b9db25c2 100644 --- a/hw/timer/trace-events +++ b/hw/timer/trace-events @@ -93,3 +93,15 @@ avr_timer16_interrupt_count(uint8_t cnt) "count: %u" avr_timer16_interrupt_overflow(const char *reason) "overflow: %s" avr_timer16_next_alarm(uint64_t delay_ns) "next alarm: %" PRIu64 " ns from now" avr_timer16_clksrc_update(uint64_t freq_hz, uint64_t period_ns, uint64_t delay_s) "timer frequency: %" PRIu64 " Hz, period: %" PRIu64 " ns (%" PRId64 " us)" + +# sse_counter.c +sse_counter_control_read(uint64_t offset, uint64_t data, unsigned size) "SSE system counter control frame read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +sse_counter_control_write(uint64_t offset, uint64_t data, unsigned size) "SSE system counter control framen write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +sse_counter_status_read(uint64_t offset, uint64_t data, unsigned size) "SSE system counter status frame read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +sse_counter_status_write(uint64_t offset, uint64_t data, unsigned size) "SSE system counter status frame write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +sse_counter_reset(void) "SSE system counter: reset" + +# sse_timer.c +sse_timer_read(uint64_t offset, uint64_t data, unsigned size) "SSE system timer read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +sse_timer_write(uint64_t offset, uint64_t data, unsigned size) "SSE system timer write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +sse_timer_reset(void) "SSE system timer: reset" diff --git a/hw/watchdog/cmsdk-apb-watchdog.c b/hw/watchdog/cmsdk-apb-watchdog.c index 302f171173..5a2cd46eb7 100644 --- a/hw/watchdog/cmsdk-apb-watchdog.c +++ b/hw/watchdog/cmsdk-apb-watchdog.c @@ -310,7 +310,7 @@ static void cmsdk_apb_watchdog_reset(DeviceState *dev) ptimer_transaction_commit(s->timer); } -static void cmsdk_apb_watchdog_clk_update(void *opaque) +static void cmsdk_apb_watchdog_clk_update(void *opaque, ClockEvent event) { CMSDKAPBWatchdog *s = CMSDK_APB_WATCHDOG(opaque); @@ -329,7 +329,8 @@ static void cmsdk_apb_watchdog_init(Object *obj) sysbus_init_mmio(sbd, &s->iomem); sysbus_init_irq(sbd, &s->wdogint); s->wdogclk = qdev_init_clock_in(DEVICE(s), "WDOGCLK", - cmsdk_apb_watchdog_clk_update, s); + cmsdk_apb_watchdog_clk_update, s, + ClockUpdate); s->is_luminary = false; s->id = cmsdk_apb_watchdog_id; |