2 * QEMU S390x KVM implementation
5 * Copyright IBM Corp. 2012
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * Contributions after 2012-10-29 are licensed under the terms of the
18 * GNU GPL, version 2 or (at your option) any later version.
20 * You should have received a copy of the GNU (Lesser) General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
24 #include <sys/types.h>
25 #include <sys/ioctl.h>
28 #include <linux/kvm.h>
29 #include <asm/ptrace.h>
31 #include "qemu-common.h"
32 #include "qemu/timer.h"
33 #include "sysemu/sysemu.h"
34 #include "sysemu/kvm.h"
37 #include "sysemu/device_tree.h"
38 #include "qapi/qmp/qjson.h"
39 #include "monitor/monitor.h"
40 #include "exec/gdbstub.h"
42 #include "qapi-event.h"
43 #include "hw/s390x/s390-pci-inst.h"
44 #include "hw/s390x/s390-pci-bus.h"
46 /* #define DEBUG_KVM */
49 #define DPRINTF(fmt, ...) \
50 do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0)
52 #define DPRINTF(fmt, ...) \
56 #define IPA0_DIAG 0x8300
57 #define IPA0_SIGP 0xae00
58 #define IPA0_B2 0xb200
59 #define IPA0_B9 0xb900
60 #define IPA0_EB 0xeb00
61 #define IPA0_E3 0xe300
63 #define PRIV_B2_SCLP_CALL 0x20
64 #define PRIV_B2_CSCH 0x30
65 #define PRIV_B2_HSCH 0x31
66 #define PRIV_B2_MSCH 0x32
67 #define PRIV_B2_SSCH 0x33
68 #define PRIV_B2_STSCH 0x34
69 #define PRIV_B2_TSCH 0x35
70 #define PRIV_B2_TPI 0x36
71 #define PRIV_B2_SAL 0x37
72 #define PRIV_B2_RSCH 0x38
73 #define PRIV_B2_STCRW 0x39
74 #define PRIV_B2_STCPS 0x3a
75 #define PRIV_B2_RCHP 0x3b
76 #define PRIV_B2_SCHM 0x3c
77 #define PRIV_B2_CHSC 0x5f
78 #define PRIV_B2_SIGA 0x74
79 #define PRIV_B2_XSCH 0x76
81 #define PRIV_EB_SQBS 0x8a
82 #define PRIV_EB_PCISTB 0xd0
83 #define PRIV_EB_SIC 0xd1
85 #define PRIV_B9_EQBS 0x9c
86 #define PRIV_B9_CLP 0xa0
87 #define PRIV_B9_PCISTG 0xd0
88 #define PRIV_B9_PCILG 0xd2
89 #define PRIV_B9_RPCIT 0xd3
91 #define PRIV_E3_MPCIFC 0xd0
92 #define PRIV_E3_STPCIFC 0xd4
94 #define DIAG_IPL 0x308
95 #define DIAG_KVM_HYPERCALL 0x500
96 #define DIAG_KVM_BREAKPOINT 0x501
98 #define ICPT_INSTRUCTION 0x04
99 #define ICPT_PROGRAM 0x08
100 #define ICPT_EXT_INT 0x14
101 #define ICPT_WAITPSW 0x1c
102 #define ICPT_SOFT_INTERCEPT 0x24
103 #define ICPT_CPU_STOP 0x28
106 static CPUWatchpoint hw_watchpoint;
108 * We don't use a list because this structure is also used to transmit the
109 * hardware breakpoints to the kernel.
111 static struct kvm_hw_breakpoint *hw_breakpoints;
112 static int nb_hw_breakpoints;
114 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
118 static int cap_sync_regs;
119 static int cap_async_pf;
121 static void *legacy_s390_alloc(size_t size, uint64_t *align);
123 static int kvm_s390_check_clear_cmma(KVMState *s)
125 struct kvm_device_attr attr = {
126 .group = KVM_S390_VM_MEM_CTRL,
127 .attr = KVM_S390_VM_MEM_CLR_CMMA,
130 return kvm_vm_ioctl(s, KVM_HAS_DEVICE_ATTR, &attr);
133 static int kvm_s390_check_enable_cmma(KVMState *s)
135 struct kvm_device_attr attr = {
136 .group = KVM_S390_VM_MEM_CTRL,
137 .attr = KVM_S390_VM_MEM_ENABLE_CMMA,
140 return kvm_vm_ioctl(s, KVM_HAS_DEVICE_ATTR, &attr);
143 void kvm_s390_clear_cmma_callback(void *opaque)
146 KVMState *s = opaque;
147 struct kvm_device_attr attr = {
148 .group = KVM_S390_VM_MEM_CTRL,
149 .attr = KVM_S390_VM_MEM_CLR_CMMA,
152 rc = kvm_vm_ioctl(s, KVM_SET_DEVICE_ATTR, &attr);
153 trace_kvm_clear_cmma(rc);
156 static void kvm_s390_enable_cmma(KVMState *s)
159 struct kvm_device_attr attr = {
160 .group = KVM_S390_VM_MEM_CTRL,
161 .attr = KVM_S390_VM_MEM_ENABLE_CMMA,
164 if (kvm_s390_check_enable_cmma(s) || kvm_s390_check_clear_cmma(s)) {
168 rc = kvm_vm_ioctl(s, KVM_SET_DEVICE_ATTR, &attr);
170 qemu_register_reset(kvm_s390_clear_cmma_callback, s);
172 trace_kvm_enable_cmma(rc);
175 int kvm_arch_init(KVMState *s)
177 cap_sync_regs = kvm_check_extension(s, KVM_CAP_SYNC_REGS);
178 cap_async_pf = kvm_check_extension(s, KVM_CAP_ASYNC_PF);
180 if (kvm_check_extension(s, KVM_CAP_VM_ATTRIBUTES)) {
181 kvm_s390_enable_cmma(s);
184 if (!kvm_check_extension(s, KVM_CAP_S390_GMAP)
185 || !kvm_check_extension(s, KVM_CAP_S390_COW)) {
186 phys_mem_set_alloc(legacy_s390_alloc);
191 unsigned long kvm_arch_vcpu_id(CPUState *cpu)
193 return cpu->cpu_index;
196 int kvm_arch_init_vcpu(CPUState *cs)
198 S390CPU *cpu = S390_CPU(cs);
199 kvm_s390_set_cpu_state(cpu, cpu->env.cpu_state);
203 void kvm_s390_reset_vcpu(S390CPU *cpu)
205 CPUState *cs = CPU(cpu);
207 /* The initial reset call is needed here to reset in-kernel
208 * vcpu data that we can't access directly from QEMU
209 * (i.e. with older kernels which don't support sync_regs/ONE_REG).
210 * Before this ioctl cpu_synchronize_state() is called in common kvm
212 if (kvm_vcpu_ioctl(cs, KVM_S390_INITIAL_RESET, NULL)) {
213 error_report("Initial CPU reset failed on CPU %i\n", cs->cpu_index);
217 static int can_sync_regs(CPUState *cs, int regs)
219 return cap_sync_regs && (cs->kvm_run->kvm_valid_regs & regs) == regs;
222 int kvm_arch_put_registers(CPUState *cs, int level)
224 S390CPU *cpu = S390_CPU(cs);
225 CPUS390XState *env = &cpu->env;
226 struct kvm_sregs sregs;
227 struct kvm_regs regs;
228 struct kvm_fpu fpu = {};
232 /* always save the PSW and the GPRS*/
233 cs->kvm_run->psw_addr = env->psw.addr;
234 cs->kvm_run->psw_mask = env->psw.mask;
236 if (can_sync_regs(cs, KVM_SYNC_GPRS)) {
237 for (i = 0; i < 16; i++) {
238 cs->kvm_run->s.regs.gprs[i] = env->regs[i];
239 cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_GPRS;
242 for (i = 0; i < 16; i++) {
243 regs.gprs[i] = env->regs[i];
245 r = kvm_vcpu_ioctl(cs, KVM_SET_REGS, ®s);
252 for (i = 0; i < 16; i++) {
253 fpu.fprs[i] = env->fregs[i].ll;
257 r = kvm_vcpu_ioctl(cs, KVM_SET_FPU, &fpu);
262 /* Do we need to save more than that? */
263 if (level == KVM_PUT_RUNTIME_STATE) {
267 if (can_sync_regs(cs, KVM_SYNC_ARCH0)) {
268 cs->kvm_run->s.regs.cputm = env->cputm;
269 cs->kvm_run->s.regs.ckc = env->ckc;
270 cs->kvm_run->s.regs.todpr = env->todpr;
271 cs->kvm_run->s.regs.gbea = env->gbea;
272 cs->kvm_run->s.regs.pp = env->pp;
273 cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_ARCH0;
276 * These ONE_REGS are not protected by a capability. As they are only
277 * necessary for migration we just trace a possible error, but don't
278 * return with an error return code.
280 kvm_set_one_reg(cs, KVM_REG_S390_CPU_TIMER, &env->cputm);
281 kvm_set_one_reg(cs, KVM_REG_S390_CLOCK_COMP, &env->ckc);
282 kvm_set_one_reg(cs, KVM_REG_S390_TODPR, &env->todpr);
283 kvm_set_one_reg(cs, KVM_REG_S390_GBEA, &env->gbea);
284 kvm_set_one_reg(cs, KVM_REG_S390_PP, &env->pp);
287 /* pfault parameters */
288 if (can_sync_regs(cs, KVM_SYNC_PFAULT)) {
289 cs->kvm_run->s.regs.pft = env->pfault_token;
290 cs->kvm_run->s.regs.pfs = env->pfault_select;
291 cs->kvm_run->s.regs.pfc = env->pfault_compare;
292 cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_PFAULT;
293 } else if (cap_async_pf) {
294 r = kvm_set_one_reg(cs, KVM_REG_S390_PFTOKEN, &env->pfault_token);
298 r = kvm_set_one_reg(cs, KVM_REG_S390_PFCOMPARE, &env->pfault_compare);
302 r = kvm_set_one_reg(cs, KVM_REG_S390_PFSELECT, &env->pfault_select);
308 /* access registers and control registers*/
309 if (can_sync_regs(cs, KVM_SYNC_ACRS | KVM_SYNC_CRS)) {
310 for (i = 0; i < 16; i++) {
311 cs->kvm_run->s.regs.acrs[i] = env->aregs[i];
312 cs->kvm_run->s.regs.crs[i] = env->cregs[i];
314 cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_ACRS;
315 cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_CRS;
317 for (i = 0; i < 16; i++) {
318 sregs.acrs[i] = env->aregs[i];
319 sregs.crs[i] = env->cregs[i];
321 r = kvm_vcpu_ioctl(cs, KVM_SET_SREGS, &sregs);
327 /* Finally the prefix */
328 if (can_sync_regs(cs, KVM_SYNC_PREFIX)) {
329 cs->kvm_run->s.regs.prefix = env->psa;
330 cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_PREFIX;
332 /* prefix is only supported via sync regs */
337 int kvm_arch_get_registers(CPUState *cs)
339 S390CPU *cpu = S390_CPU(cs);
340 CPUS390XState *env = &cpu->env;
341 struct kvm_sregs sregs;
342 struct kvm_regs regs;
347 env->psw.addr = cs->kvm_run->psw_addr;
348 env->psw.mask = cs->kvm_run->psw_mask;
351 if (can_sync_regs(cs, KVM_SYNC_GPRS)) {
352 for (i = 0; i < 16; i++) {
353 env->regs[i] = cs->kvm_run->s.regs.gprs[i];
356 r = kvm_vcpu_ioctl(cs, KVM_GET_REGS, ®s);
360 for (i = 0; i < 16; i++) {
361 env->regs[i] = regs.gprs[i];
365 /* The ACRS and CRS */
366 if (can_sync_regs(cs, KVM_SYNC_ACRS | KVM_SYNC_CRS)) {
367 for (i = 0; i < 16; i++) {
368 env->aregs[i] = cs->kvm_run->s.regs.acrs[i];
369 env->cregs[i] = cs->kvm_run->s.regs.crs[i];
372 r = kvm_vcpu_ioctl(cs, KVM_GET_SREGS, &sregs);
376 for (i = 0; i < 16; i++) {
377 env->aregs[i] = sregs.acrs[i];
378 env->cregs[i] = sregs.crs[i];
383 r = kvm_vcpu_ioctl(cs, KVM_GET_FPU, &fpu);
387 for (i = 0; i < 16; i++) {
388 env->fregs[i].ll = fpu.fprs[i];
393 if (can_sync_regs(cs, KVM_SYNC_PREFIX)) {
394 env->psa = cs->kvm_run->s.regs.prefix;
397 if (can_sync_regs(cs, KVM_SYNC_ARCH0)) {
398 env->cputm = cs->kvm_run->s.regs.cputm;
399 env->ckc = cs->kvm_run->s.regs.ckc;
400 env->todpr = cs->kvm_run->s.regs.todpr;
401 env->gbea = cs->kvm_run->s.regs.gbea;
402 env->pp = cs->kvm_run->s.regs.pp;
405 * These ONE_REGS are not protected by a capability. As they are only
406 * necessary for migration we just trace a possible error, but don't
407 * return with an error return code.
409 kvm_get_one_reg(cs, KVM_REG_S390_CPU_TIMER, &env->cputm);
410 kvm_get_one_reg(cs, KVM_REG_S390_CLOCK_COMP, &env->ckc);
411 kvm_get_one_reg(cs, KVM_REG_S390_TODPR, &env->todpr);
412 kvm_get_one_reg(cs, KVM_REG_S390_GBEA, &env->gbea);
413 kvm_get_one_reg(cs, KVM_REG_S390_PP, &env->pp);
416 /* pfault parameters */
417 if (can_sync_regs(cs, KVM_SYNC_PFAULT)) {
418 env->pfault_token = cs->kvm_run->s.regs.pft;
419 env->pfault_select = cs->kvm_run->s.regs.pfs;
420 env->pfault_compare = cs->kvm_run->s.regs.pfc;
421 } else if (cap_async_pf) {
422 r = kvm_get_one_reg(cs, KVM_REG_S390_PFTOKEN, &env->pfault_token);
426 r = kvm_get_one_reg(cs, KVM_REG_S390_PFCOMPARE, &env->pfault_compare);
430 r = kvm_get_one_reg(cs, KVM_REG_S390_PFSELECT, &env->pfault_select);
440 * Legacy layout for s390:
441 * Older S390 KVM requires the topmost vma of the RAM to be
442 * smaller than an system defined value, which is at least 256GB.
443 * Larger systems have larger values. We put the guest between
444 * the end of data segment (system break) and this value. We
445 * use 32GB as a base to have enough room for the system break
446 * to grow. We also have to use MAP parameters that avoid
447 * read-only mapping of guest pages.
449 static void *legacy_s390_alloc(size_t size, uint64_t *align)
453 mem = mmap((void *) 0x800000000ULL, size,
454 PROT_EXEC|PROT_READ|PROT_WRITE,
455 MAP_SHARED | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
456 return mem == MAP_FAILED ? NULL : mem;
459 /* DIAG 501 is used for sw breakpoints */
460 static const uint8_t diag_501[] = {0x83, 0x24, 0x05, 0x01};
462 int kvm_arch_insert_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp)
465 if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn,
466 sizeof(diag_501), 0) ||
467 cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)diag_501,
468 sizeof(diag_501), 1)) {
474 int kvm_arch_remove_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp)
476 uint8_t t[sizeof(diag_501)];
478 if (cpu_memory_rw_debug(cs, bp->pc, t, sizeof(diag_501), 0)) {
480 } else if (memcmp(t, diag_501, sizeof(diag_501))) {
482 } else if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn,
483 sizeof(diag_501), 1)) {
490 static struct kvm_hw_breakpoint *find_hw_breakpoint(target_ulong addr,
495 for (n = 0; n < nb_hw_breakpoints; n++) {
496 if (hw_breakpoints[n].addr == addr && hw_breakpoints[n].type == type &&
497 (hw_breakpoints[n].len == len || len == -1)) {
498 return &hw_breakpoints[n];
505 static int insert_hw_breakpoint(target_ulong addr, int len, int type)
509 if (find_hw_breakpoint(addr, len, type)) {
513 size = (nb_hw_breakpoints + 1) * sizeof(struct kvm_hw_breakpoint);
515 if (!hw_breakpoints) {
516 nb_hw_breakpoints = 0;
517 hw_breakpoints = (struct kvm_hw_breakpoint *)g_try_malloc(size);
520 (struct kvm_hw_breakpoint *)g_try_realloc(hw_breakpoints, size);
523 if (!hw_breakpoints) {
524 nb_hw_breakpoints = 0;
528 hw_breakpoints[nb_hw_breakpoints].addr = addr;
529 hw_breakpoints[nb_hw_breakpoints].len = len;
530 hw_breakpoints[nb_hw_breakpoints].type = type;
537 int kvm_arch_insert_hw_breakpoint(target_ulong addr,
538 target_ulong len, int type)
541 case GDB_BREAKPOINT_HW:
544 case GDB_WATCHPOINT_WRITE:
548 type = KVM_HW_WP_WRITE;
553 return insert_hw_breakpoint(addr, len, type);
556 int kvm_arch_remove_hw_breakpoint(target_ulong addr,
557 target_ulong len, int type)
560 struct kvm_hw_breakpoint *bp = find_hw_breakpoint(addr, len, type);
567 if (nb_hw_breakpoints > 0) {
569 * In order to trim the array, move the last element to the position to
570 * be removed - if necessary.
572 if (bp != &hw_breakpoints[nb_hw_breakpoints]) {
573 *bp = hw_breakpoints[nb_hw_breakpoints];
575 size = nb_hw_breakpoints * sizeof(struct kvm_hw_breakpoint);
577 (struct kvm_hw_breakpoint *)g_realloc(hw_breakpoints, size);
579 g_free(hw_breakpoints);
580 hw_breakpoints = NULL;
586 void kvm_arch_remove_all_hw_breakpoints(void)
588 nb_hw_breakpoints = 0;
589 g_free(hw_breakpoints);
590 hw_breakpoints = NULL;
593 void kvm_arch_update_guest_debug(CPUState *cpu, struct kvm_guest_debug *dbg)
597 if (nb_hw_breakpoints > 0) {
598 dbg->arch.nr_hw_bp = nb_hw_breakpoints;
599 dbg->arch.hw_bp = hw_breakpoints;
601 for (i = 0; i < nb_hw_breakpoints; ++i) {
602 hw_breakpoints[i].phys_addr = s390_cpu_get_phys_addr_debug(cpu,
603 hw_breakpoints[i].addr);
605 dbg->control |= KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_HW_BP;
607 dbg->arch.nr_hw_bp = 0;
608 dbg->arch.hw_bp = NULL;
612 void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
616 void kvm_arch_post_run(CPUState *cpu, struct kvm_run *run)
620 int kvm_arch_process_async_events(CPUState *cs)
625 static int s390_kvm_irq_to_interrupt(struct kvm_s390_irq *irq,
626 struct kvm_s390_interrupt *interrupt)
630 interrupt->type = irq->type;
632 case KVM_S390_INT_VIRTIO:
633 interrupt->parm = irq->u.ext.ext_params;
635 case KVM_S390_INT_PFAULT_INIT:
636 case KVM_S390_INT_PFAULT_DONE:
637 interrupt->parm64 = irq->u.ext.ext_params2;
639 case KVM_S390_PROGRAM_INT:
640 interrupt->parm = irq->u.pgm.code;
642 case KVM_S390_SIGP_SET_PREFIX:
643 interrupt->parm = irq->u.prefix.address;
645 case KVM_S390_INT_SERVICE:
646 interrupt->parm = irq->u.ext.ext_params;
649 interrupt->parm = irq->u.mchk.cr14;
650 interrupt->parm64 = irq->u.mchk.mcic;
652 case KVM_S390_INT_EXTERNAL_CALL:
653 interrupt->parm = irq->u.extcall.code;
655 case KVM_S390_INT_EMERGENCY:
656 interrupt->parm = irq->u.emerg.code;
658 case KVM_S390_SIGP_STOP:
659 case KVM_S390_RESTART:
660 break; /* These types have no parameters */
661 case KVM_S390_INT_IO_MIN...KVM_S390_INT_IO_MAX:
662 interrupt->parm = irq->u.io.subchannel_id << 16;
663 interrupt->parm |= irq->u.io.subchannel_nr;
664 interrupt->parm64 = (uint64_t)irq->u.io.io_int_parm << 32;
665 interrupt->parm64 |= irq->u.io.io_int_word;
674 void kvm_s390_vcpu_interrupt(S390CPU *cpu, struct kvm_s390_irq *irq)
676 struct kvm_s390_interrupt kvmint = {};
677 CPUState *cs = CPU(cpu);
680 r = s390_kvm_irq_to_interrupt(irq, &kvmint);
682 fprintf(stderr, "%s called with bogus interrupt\n", __func__);
686 r = kvm_vcpu_ioctl(cs, KVM_S390_INTERRUPT, &kvmint);
688 fprintf(stderr, "KVM failed to inject interrupt\n");
693 static void __kvm_s390_floating_interrupt(struct kvm_s390_irq *irq)
695 struct kvm_s390_interrupt kvmint = {};
698 r = s390_kvm_irq_to_interrupt(irq, &kvmint);
700 fprintf(stderr, "%s called with bogus interrupt\n", __func__);
704 r = kvm_vm_ioctl(kvm_state, KVM_S390_INTERRUPT, &kvmint);
706 fprintf(stderr, "KVM failed to inject interrupt\n");
711 void kvm_s390_floating_interrupt(struct kvm_s390_irq *irq)
713 static bool use_flic = true;
717 r = kvm_s390_inject_flic(irq);
725 __kvm_s390_floating_interrupt(irq);
728 void kvm_s390_virtio_irq(int config_change, uint64_t token)
730 struct kvm_s390_irq irq = {
731 .type = KVM_S390_INT_VIRTIO,
732 .u.ext.ext_params = config_change,
733 .u.ext.ext_params2 = token,
736 kvm_s390_floating_interrupt(&irq);
739 void kvm_s390_service_interrupt(uint32_t parm)
741 struct kvm_s390_irq irq = {
742 .type = KVM_S390_INT_SERVICE,
743 .u.ext.ext_params = parm,
746 kvm_s390_floating_interrupt(&irq);
749 static void enter_pgmcheck(S390CPU *cpu, uint16_t code)
751 struct kvm_s390_irq irq = {
752 .type = KVM_S390_PROGRAM_INT,
756 kvm_s390_vcpu_interrupt(cpu, &irq);
759 static int kvm_sclp_service_call(S390CPU *cpu, struct kvm_run *run,
762 CPUS390XState *env = &cpu->env;
767 cpu_synchronize_state(CPU(cpu));
768 sccb = env->regs[ipbh0 & 0xf];
769 code = env->regs[(ipbh0 & 0xf0) >> 4];
771 r = sclp_service_call(env, sccb, code);
773 enter_pgmcheck(cpu, -r);
781 static int handle_b2(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
783 CPUS390XState *env = &cpu->env;
785 uint16_t ipbh0 = (run->s390_sieic.ipb & 0xffff0000) >> 16;
787 cpu_synchronize_state(CPU(cpu));
791 ioinst_handle_xsch(cpu, env->regs[1]);
794 ioinst_handle_csch(cpu, env->regs[1]);
797 ioinst_handle_hsch(cpu, env->regs[1]);
800 ioinst_handle_msch(cpu, env->regs[1], run->s390_sieic.ipb);
803 ioinst_handle_ssch(cpu, env->regs[1], run->s390_sieic.ipb);
806 ioinst_handle_stcrw(cpu, run->s390_sieic.ipb);
809 ioinst_handle_stsch(cpu, env->regs[1], run->s390_sieic.ipb);
812 /* We should only get tsch via KVM_EXIT_S390_TSCH. */
813 fprintf(stderr, "Spurious tsch intercept\n");
816 ioinst_handle_chsc(cpu, run->s390_sieic.ipb);
819 /* This should have been handled by kvm already. */
820 fprintf(stderr, "Spurious tpi intercept\n");
823 ioinst_handle_schm(cpu, env->regs[1], env->regs[2],
824 run->s390_sieic.ipb);
827 ioinst_handle_rsch(cpu, env->regs[1]);
830 ioinst_handle_rchp(cpu, env->regs[1]);
833 /* We do not provide this instruction, it is suppressed. */
836 ioinst_handle_sal(cpu, env->regs[1]);
839 /* Not provided, set CC = 3 for subchannel not operational */
842 case PRIV_B2_SCLP_CALL:
843 rc = kvm_sclp_service_call(cpu, run, ipbh0);
847 DPRINTF("KVM: unhandled PRIV: 0xb2%x\n", ipa1);
854 static uint64_t get_base_disp_rxy(S390CPU *cpu, struct kvm_run *run)
856 CPUS390XState *env = &cpu->env;
857 uint32_t x2 = (run->s390_sieic.ipa & 0x000f);
858 uint32_t base2 = run->s390_sieic.ipb >> 28;
859 uint32_t disp2 = ((run->s390_sieic.ipb & 0x0fff0000) >> 16) +
860 ((run->s390_sieic.ipb & 0xff00) << 4);
862 if (disp2 & 0x80000) {
866 return (base2 ? env->regs[base2] : 0) +
867 (x2 ? env->regs[x2] : 0) + (long)(int)disp2;
870 static uint64_t get_base_disp_rsy(S390CPU *cpu, struct kvm_run *run)
872 CPUS390XState *env = &cpu->env;
873 uint32_t base2 = run->s390_sieic.ipb >> 28;
874 uint32_t disp2 = ((run->s390_sieic.ipb & 0x0fff0000) >> 16) +
875 ((run->s390_sieic.ipb & 0xff00) << 4);
877 if (disp2 & 0x80000) {
881 return (base2 ? env->regs[base2] : 0) + (long)(int)disp2;
884 static int kvm_clp_service_call(S390CPU *cpu, struct kvm_run *run)
886 uint8_t r2 = (run->s390_sieic.ipb & 0x000f0000) >> 16;
888 return clp_service_call(cpu, r2);
891 static int kvm_pcilg_service_call(S390CPU *cpu, struct kvm_run *run)
893 uint8_t r1 = (run->s390_sieic.ipb & 0x00f00000) >> 20;
894 uint8_t r2 = (run->s390_sieic.ipb & 0x000f0000) >> 16;
896 return pcilg_service_call(cpu, r1, r2);
899 static int kvm_pcistg_service_call(S390CPU *cpu, struct kvm_run *run)
901 uint8_t r1 = (run->s390_sieic.ipb & 0x00f00000) >> 20;
902 uint8_t r2 = (run->s390_sieic.ipb & 0x000f0000) >> 16;
904 return pcistg_service_call(cpu, r1, r2);
907 static int kvm_stpcifc_service_call(S390CPU *cpu, struct kvm_run *run)
909 uint8_t r1 = (run->s390_sieic.ipa & 0x00f0) >> 4;
912 cpu_synchronize_state(CPU(cpu));
913 fiba = get_base_disp_rxy(cpu, run);
915 return stpcifc_service_call(cpu, r1, fiba);
918 static int kvm_sic_service_call(S390CPU *cpu, struct kvm_run *run)
924 static int kvm_rpcit_service_call(S390CPU *cpu, struct kvm_run *run)
926 uint8_t r1 = (run->s390_sieic.ipb & 0x00f00000) >> 20;
927 uint8_t r2 = (run->s390_sieic.ipb & 0x000f0000) >> 16;
929 return rpcit_service_call(cpu, r1, r2);
932 static int kvm_pcistb_service_call(S390CPU *cpu, struct kvm_run *run)
934 uint8_t r1 = (run->s390_sieic.ipa & 0x00f0) >> 4;
935 uint8_t r3 = run->s390_sieic.ipa & 0x000f;
938 cpu_synchronize_state(CPU(cpu));
939 gaddr = get_base_disp_rsy(cpu, run);
941 return pcistb_service_call(cpu, r1, r3, gaddr);
944 static int kvm_mpcifc_service_call(S390CPU *cpu, struct kvm_run *run)
946 uint8_t r1 = (run->s390_sieic.ipa & 0x00f0) >> 4;
949 cpu_synchronize_state(CPU(cpu));
950 fiba = get_base_disp_rxy(cpu, run);
952 return mpcifc_service_call(cpu, r1, fiba);
955 static int handle_b9(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
961 r = kvm_clp_service_call(cpu, run);
964 r = kvm_pcistg_service_call(cpu, run);
967 r = kvm_pcilg_service_call(cpu, run);
970 r = kvm_rpcit_service_call(cpu, run);
973 /* just inject exception */
978 DPRINTF("KVM: unhandled PRIV: 0xb9%x\n", ipa1);
985 static int handle_eb(S390CPU *cpu, struct kvm_run *run, uint8_t ipbl)
991 r = kvm_pcistb_service_call(cpu, run);
994 r = kvm_sic_service_call(cpu, run);
997 /* just inject exception */
1002 DPRINTF("KVM: unhandled PRIV: 0xeb%x\n", ipbl);
1009 static int handle_e3(S390CPU *cpu, struct kvm_run *run, uint8_t ipbl)
1014 case PRIV_E3_MPCIFC:
1015 r = kvm_mpcifc_service_call(cpu, run);
1017 case PRIV_E3_STPCIFC:
1018 r = kvm_stpcifc_service_call(cpu, run);
1022 DPRINTF("KVM: unhandled PRIV: 0xe3%x\n", ipbl);
1029 static int handle_hypercall(S390CPU *cpu, struct kvm_run *run)
1031 CPUS390XState *env = &cpu->env;
1034 cpu_synchronize_state(CPU(cpu));
1035 ret = s390_virtio_hypercall(env);
1036 if (ret == -EINVAL) {
1037 enter_pgmcheck(cpu, PGM_SPECIFICATION);
1044 static void kvm_handle_diag_308(S390CPU *cpu, struct kvm_run *run)
1048 cpu_synchronize_state(CPU(cpu));
1049 r1 = (run->s390_sieic.ipa & 0x00f0) >> 8;
1050 r3 = run->s390_sieic.ipa & 0x000f;
1051 handle_diag_308(&cpu->env, r1, r3);
1054 static int handle_sw_breakpoint(S390CPU *cpu, struct kvm_run *run)
1056 CPUS390XState *env = &cpu->env;
1059 cpu_synchronize_state(CPU(cpu));
1061 pc = env->psw.addr - 4;
1062 if (kvm_find_sw_breakpoint(CPU(cpu), pc)) {
1070 #define DIAG_KVM_CODE_MASK 0x000000000000ffff
1072 static int handle_diag(S390CPU *cpu, struct kvm_run *run, uint32_t ipb)
1078 * For any diagnose call we support, bits 48-63 of the resulting
1079 * address specify the function code; the remainder is ignored.
1081 func_code = decode_basedisp_rs(&cpu->env, ipb) & DIAG_KVM_CODE_MASK;
1082 switch (func_code) {
1084 kvm_handle_diag_308(cpu, run);
1086 case DIAG_KVM_HYPERCALL:
1087 r = handle_hypercall(cpu, run);
1089 case DIAG_KVM_BREAKPOINT:
1090 r = handle_sw_breakpoint(cpu, run);
1093 DPRINTF("KVM: unknown DIAG: 0x%x\n", func_code);
1101 static void sigp_cpu_start(void *arg)
1104 S390CPU *cpu = S390_CPU(cs);
1106 s390_cpu_set_state(CPU_STATE_OPERATING, cpu);
1107 DPRINTF("DONE: KVM cpu start: %p\n", &cpu->env);
1110 static void sigp_cpu_restart(void *arg)
1113 S390CPU *cpu = S390_CPU(cs);
1114 struct kvm_s390_irq irq = {
1115 .type = KVM_S390_RESTART,
1118 kvm_s390_vcpu_interrupt(cpu, &irq);
1119 s390_cpu_set_state(CPU_STATE_OPERATING, cpu);
1122 int kvm_s390_cpu_restart(S390CPU *cpu)
1124 run_on_cpu(CPU(cpu), sigp_cpu_restart, CPU(cpu));
1125 DPRINTF("DONE: KVM cpu restart: %p\n", &cpu->env);
1129 static void sigp_initial_cpu_reset(void *arg)
1131 CPUState *cpu = arg;
1132 S390CPUClass *scc = S390_CPU_GET_CLASS(cpu);
1134 cpu_synchronize_state(cpu);
1135 scc->initial_cpu_reset(cpu);
1136 cpu_synchronize_post_reset(cpu);
1139 static void sigp_cpu_reset(void *arg)
1141 CPUState *cpu = arg;
1142 S390CPUClass *scc = S390_CPU_GET_CLASS(cpu);
1144 cpu_synchronize_state(cpu);
1145 scc->cpu_reset(cpu);
1146 cpu_synchronize_post_reset(cpu);
1149 #define SIGP_ORDER_MASK 0x000000ff
1151 static int handle_sigp(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
1153 CPUS390XState *env = &cpu->env;
1156 S390CPU *target_cpu;
1157 uint64_t *statusreg = &env->regs[ipa1 >> 4];
1160 cpu_synchronize_state(CPU(cpu));
1162 /* get order code */
1163 order_code = decode_basedisp_rs(env, run->s390_sieic.ipb) & SIGP_ORDER_MASK;
1165 cpu_addr = env->regs[ipa1 & 0x0f];
1166 target_cpu = s390_cpu_addr2state(cpu_addr);
1167 if (target_cpu == NULL) {
1168 cc = 3; /* not operational */
1172 switch (order_code) {
1174 run_on_cpu(CPU(target_cpu), sigp_cpu_start, CPU(target_cpu));
1178 run_on_cpu(CPU(target_cpu), sigp_cpu_restart, CPU(target_cpu));
1182 *statusreg &= 0xffffffff00000000UL;
1183 *statusreg |= SIGP_STAT_INVALID_PARAMETER;
1184 cc = 1; /* status stored */
1186 case SIGP_INITIAL_CPU_RESET:
1187 run_on_cpu(CPU(target_cpu), sigp_initial_cpu_reset, CPU(target_cpu));
1190 case SIGP_CPU_RESET:
1191 run_on_cpu(CPU(target_cpu), sigp_cpu_reset, CPU(target_cpu));
1195 DPRINTF("KVM: unknown SIGP: 0x%x\n", order_code);
1196 *statusreg &= 0xffffffff00000000UL;
1197 *statusreg |= SIGP_STAT_INVALID_ORDER;
1198 cc = 1; /* status stored */
1207 static int handle_instruction(S390CPU *cpu, struct kvm_run *run)
1209 unsigned int ipa0 = (run->s390_sieic.ipa & 0xff00);
1210 uint8_t ipa1 = run->s390_sieic.ipa & 0x00ff;
1213 DPRINTF("handle_instruction 0x%x 0x%x\n",
1214 run->s390_sieic.ipa, run->s390_sieic.ipb);
1217 r = handle_b2(cpu, run, ipa1);
1220 r = handle_b9(cpu, run, ipa1);
1223 r = handle_eb(cpu, run, run->s390_sieic.ipb & 0xff);
1226 r = handle_e3(cpu, run, run->s390_sieic.ipb & 0xff);
1229 r = handle_diag(cpu, run, run->s390_sieic.ipb);
1232 r = handle_sigp(cpu, run, ipa1);
1238 enter_pgmcheck(cpu, 0x0001);
1244 static bool is_special_wait_psw(CPUState *cs)
1246 /* signal quiesce */
1247 return cs->kvm_run->psw_addr == 0xfffUL;
1250 static void guest_panicked(void)
1252 qapi_event_send_guest_panicked(GUEST_PANIC_ACTION_PAUSE,
1254 vm_stop(RUN_STATE_GUEST_PANICKED);
1257 static void unmanageable_intercept(S390CPU *cpu, const char *str, int pswoffset)
1259 CPUState *cs = CPU(cpu);
1261 error_report("Unmanageable %s! CPU%i new PSW: 0x%016lx:%016lx",
1262 str, cs->cpu_index, ldq_phys(cs->as, cpu->env.psa + pswoffset),
1263 ldq_phys(cs->as, cpu->env.psa + pswoffset + 8));
1268 static int handle_intercept(S390CPU *cpu)
1270 CPUState *cs = CPU(cpu);
1271 struct kvm_run *run = cs->kvm_run;
1272 int icpt_code = run->s390_sieic.icptcode;
1275 DPRINTF("intercept: 0x%x (at 0x%lx)\n", icpt_code,
1276 (long)cs->kvm_run->psw_addr);
1277 switch (icpt_code) {
1278 case ICPT_INSTRUCTION:
1279 r = handle_instruction(cpu, run);
1282 unmanageable_intercept(cpu, "program interrupt",
1283 offsetof(LowCore, program_new_psw));
1287 unmanageable_intercept(cpu, "external interrupt",
1288 offsetof(LowCore, external_new_psw));
1292 /* disabled wait, since enabled wait is handled in kernel */
1293 cpu_synchronize_state(cs);
1294 if (s390_cpu_halt(cpu) == 0) {
1295 if (is_special_wait_psw(cs)) {
1296 qemu_system_shutdown_request();
1304 if (s390_cpu_set_state(CPU_STATE_STOPPED, cpu) == 0) {
1305 qemu_system_shutdown_request();
1309 case ICPT_SOFT_INTERCEPT:
1310 fprintf(stderr, "KVM unimplemented icpt SOFT\n");
1314 fprintf(stderr, "KVM unimplemented icpt IO\n");
1318 fprintf(stderr, "Unknown intercept code: %d\n", icpt_code);
1326 static int handle_tsch(S390CPU *cpu)
1328 CPUS390XState *env = &cpu->env;
1329 CPUState *cs = CPU(cpu);
1330 struct kvm_run *run = cs->kvm_run;
1333 cpu_synchronize_state(cs);
1335 ret = ioinst_handle_tsch(env, env->regs[1], run->s390_tsch.ipb);
1337 /* Success; set condition code. */
1340 } else if (ret < -1) {
1343 * If an I/O interrupt had been dequeued, we have to reinject it.
1345 if (run->s390_tsch.dequeued) {
1346 kvm_s390_io_interrupt(run->s390_tsch.subchannel_id,
1347 run->s390_tsch.subchannel_nr,
1348 run->s390_tsch.io_int_parm,
1349 run->s390_tsch.io_int_word);
1356 static int kvm_arch_handle_debug_exit(S390CPU *cpu)
1358 CPUState *cs = CPU(cpu);
1359 struct kvm_run *run = cs->kvm_run;
1362 struct kvm_debug_exit_arch *arch_info = &run->debug.arch;
1364 switch (arch_info->type) {
1365 case KVM_HW_WP_WRITE:
1366 if (find_hw_breakpoint(arch_info->addr, -1, arch_info->type)) {
1367 cs->watchpoint_hit = &hw_watchpoint;
1368 hw_watchpoint.vaddr = arch_info->addr;
1369 hw_watchpoint.flags = BP_MEM_WRITE;
1374 if (find_hw_breakpoint(arch_info->addr, -1, arch_info->type)) {
1378 case KVM_SINGLESTEP:
1379 if (cs->singlestep_enabled) {
1390 int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
1392 S390CPU *cpu = S390_CPU(cs);
1395 switch (run->exit_reason) {
1396 case KVM_EXIT_S390_SIEIC:
1397 ret = handle_intercept(cpu);
1399 case KVM_EXIT_S390_RESET:
1400 qemu_system_reset_request();
1402 case KVM_EXIT_S390_TSCH:
1403 ret = handle_tsch(cpu);
1405 case KVM_EXIT_DEBUG:
1406 ret = kvm_arch_handle_debug_exit(cpu);
1409 fprintf(stderr, "Unknown KVM exit: %d\n", run->exit_reason);
1414 ret = EXCP_INTERRUPT;
1419 bool kvm_arch_stop_on_emulation_error(CPUState *cpu)
1424 int kvm_arch_on_sigbus_vcpu(CPUState *cpu, int code, void *addr)
1429 int kvm_arch_on_sigbus(int code, void *addr)
1434 void kvm_s390_io_interrupt(uint16_t subchannel_id,
1435 uint16_t subchannel_nr, uint32_t io_int_parm,
1436 uint32_t io_int_word)
1438 struct kvm_s390_irq irq = {
1439 .u.io.subchannel_id = subchannel_id,
1440 .u.io.subchannel_nr = subchannel_nr,
1441 .u.io.io_int_parm = io_int_parm,
1442 .u.io.io_int_word = io_int_word,
1445 if (io_int_word & IO_INT_WORD_AI) {
1446 irq.type = KVM_S390_INT_IO(1, 0, 0, 0);
1448 irq.type = ((subchannel_id & 0xff00) << 24) |
1449 ((subchannel_id & 0x00060) << 22) | (subchannel_nr << 16);
1451 kvm_s390_floating_interrupt(&irq);
1454 void kvm_s390_crw_mchk(void)
1456 struct kvm_s390_irq irq = {
1457 .type = KVM_S390_MCHK,
1458 .u.mchk.cr14 = 1 << 28,
1459 .u.mchk.mcic = 0x00400f1d40330000ULL,
1461 kvm_s390_floating_interrupt(&irq);
1464 void kvm_s390_enable_css_support(S390CPU *cpu)
1468 /* Activate host kernel channel subsystem support. */
1469 r = kvm_vcpu_enable_cap(CPU(cpu), KVM_CAP_S390_CSS_SUPPORT, 0);
1473 void kvm_arch_init_irq_routing(KVMState *s)
1476 * Note that while irqchip capabilities generally imply that cpustates
1477 * are handled in-kernel, it is not true for s390 (yet); therefore, we
1478 * have to override the common code kvm_halt_in_kernel_allowed setting.
1480 if (kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
1481 kvm_gsi_routing_allowed = true;
1482 kvm_halt_in_kernel_allowed = false;
1486 int kvm_s390_assign_subch_ioeventfd(EventNotifier *notifier, uint32_t sch,
1487 int vq, bool assign)
1489 struct kvm_ioeventfd kick = {
1490 .flags = KVM_IOEVENTFD_FLAG_VIRTIO_CCW_NOTIFY |
1491 KVM_IOEVENTFD_FLAG_DATAMATCH,
1492 .fd = event_notifier_get_fd(notifier),
1497 if (!kvm_check_extension(kvm_state, KVM_CAP_IOEVENTFD)) {
1501 kick.flags |= KVM_IOEVENTFD_FLAG_DEASSIGN;
1503 return kvm_vm_ioctl(kvm_state, KVM_IOEVENTFD, &kick);
1506 int kvm_s390_get_memslot_count(KVMState *s)
1508 return kvm_check_extension(s, KVM_CAP_NR_MEMSLOTS);
1511 int kvm_s390_set_cpu_state(S390CPU *cpu, uint8_t cpu_state)
1513 struct kvm_mp_state mp_state = {};
1516 /* the kvm part might not have been initialized yet */
1517 if (CPU(cpu)->kvm_state == NULL) {
1521 switch (cpu_state) {
1522 case CPU_STATE_STOPPED:
1523 mp_state.mp_state = KVM_MP_STATE_STOPPED;
1525 case CPU_STATE_CHECK_STOP:
1526 mp_state.mp_state = KVM_MP_STATE_CHECK_STOP;
1528 case CPU_STATE_OPERATING:
1529 mp_state.mp_state = KVM_MP_STATE_OPERATING;
1531 case CPU_STATE_LOAD:
1532 mp_state.mp_state = KVM_MP_STATE_LOAD;
1535 error_report("Requested CPU state is not a valid S390 CPU state: %u",
1540 ret = kvm_vcpu_ioctl(CPU(cpu), KVM_SET_MP_STATE, &mp_state);
1542 trace_kvm_failed_cpu_state_set(CPU(cpu)->cpu_index, cpu_state,
1549 int kvm_arch_fixup_msi_route(struct kvm_irq_routing_entry *route,
1550 uint64_t address, uint32_t data)
1552 S390PCIBusDevice *pbdev;
1553 uint32_t fid = data >> ZPCI_MSI_VEC_BITS;
1554 uint32_t vec = data & ZPCI_MSI_VEC_MASK;
1556 pbdev = s390_pci_find_dev_by_fid(fid);
1558 DPRINTF("add_msi_route no dev\n");
1562 pbdev->routes.adapter.ind_offset = vec;
1564 route->type = KVM_IRQ_ROUTING_S390_ADAPTER;
1566 route->u.adapter.summary_addr = pbdev->routes.adapter.summary_addr;
1567 route->u.adapter.ind_addr = pbdev->routes.adapter.ind_addr;
1568 route->u.adapter.summary_offset = pbdev->routes.adapter.summary_offset;
1569 route->u.adapter.ind_offset = pbdev->routes.adapter.ind_offset;
1570 route->u.adapter.adapter_id = pbdev->routes.adapter.adapter_id;
projects / qemu.git / blob