1 /* 2 * ARM Generic/Distributed Interrupt Controller 3 * 4 * Copyright (c) 2006-2007 CodeSourcery. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GPL. 8 */ 9 10 /* This file contains implementation code for the RealView EB interrupt 11 * controller, MPCore distributed interrupt controller and ARMv7-M 12 * Nested Vectored Interrupt Controller. 13 * It is compiled in two ways: 14 * (1) as a standalone file to produce a sysbus device which is a GIC 15 * that can be used on the realview board and as one of the builtin 16 * private peripherals for the ARM MP CPUs (11MPCore, A9, etc) 17 * (2) by being directly #included into armv7m_nvic.c to produce the 18 * armv7m_nvic device. 19 */ 20 21 #include "qemu/osdep.h" 22 #include "hw/sysbus.h" 23 #include "gic_internal.h" 24 #include "qapi/error.h" 25 #include "qom/cpu.h" 26 #include "qemu/log.h" 27 #include "trace.h" 28 29 //#define DEBUG_GIC 30 31 #ifdef DEBUG_GIC 32 #define DPRINTF(fmt, ...) \ 33 do { fprintf(stderr, "arm_gic: " fmt , ## __VA_ARGS__); } while (0) 34 #else 35 #define DPRINTF(fmt, ...) do {} while(0) 36 #endif 37 38 static const uint8_t gic_id_11mpcore[] = { 39 0x00, 0x00, 0x00, 0x00, 0x90, 0x13, 0x04, 0x00, 0x0d, 0xf0, 0x05, 0xb1 40 }; 41 42 static const uint8_t gic_id_gicv1[] = { 43 0x04, 0x00, 0x00, 0x00, 0x90, 0xb3, 0x1b, 0x00, 0x0d, 0xf0, 0x05, 0xb1 44 }; 45 46 static const uint8_t gic_id_gicv2[] = { 47 0x04, 0x00, 0x00, 0x00, 0x90, 0xb4, 0x2b, 0x00, 0x0d, 0xf0, 0x05, 0xb1 48 }; 49 50 static inline int gic_get_current_cpu(GICState *s) 51 { 52 if (s->num_cpu > 1) { 53 return current_cpu->cpu_index; 54 } 55 return 0; 56 } 57 58 /* Return true if this GIC config has interrupt groups, which is 59 * true if we're a GICv2, or a GICv1 with the security extensions. 60 */ 61 static inline bool gic_has_groups(GICState *s) 62 { 63 return s->revision == 2 || s->security_extn; 64 } 65 66 /* TODO: Many places that call this routine could be optimized. */ 67 /* Update interrupt status after enabled or pending bits have been changed. */ 68 void gic_update(GICState *s) 69 { 70 int best_irq; 71 int best_prio; 72 int irq; 73 int irq_level, fiq_level; 74 int cpu; 75 int cm; 76 77 for (cpu = 0; cpu < s->num_cpu; cpu++) { 78 cm = 1 << cpu; 79 s->current_pending[cpu] = 1023; 80 if (!(s->ctlr & (GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1)) 81 || !(s->cpu_ctlr[cpu] & (GICC_CTLR_EN_GRP0 | GICC_CTLR_EN_GRP1))) { 82 qemu_irq_lower(s->parent_irq[cpu]); 83 qemu_irq_lower(s->parent_fiq[cpu]); 84 continue; 85 } 86 best_prio = 0x100; 87 best_irq = 1023; 88 for (irq = 0; irq < s->num_irq; irq++) { 89 if (GIC_TEST_ENABLED(irq, cm) && gic_test_pending(s, irq, cm) && 90 (irq < GIC_INTERNAL || GIC_TARGET(irq) & cm)) { 91 if (GIC_GET_PRIORITY(irq, cpu) < best_prio) { 92 best_prio = GIC_GET_PRIORITY(irq, cpu); 93 best_irq = irq; 94 } 95 } 96 } 97 98 if (best_irq != 1023) { 99 trace_gic_update_bestirq(cpu, best_irq, best_prio, 100 s->priority_mask[cpu], s->running_priority[cpu]); 101 } 102 103 irq_level = fiq_level = 0; 104 105 if (best_prio < s->priority_mask[cpu]) { 106 s->current_pending[cpu] = best_irq; 107 if (best_prio < s->running_priority[cpu]) { 108 int group = GIC_TEST_GROUP(best_irq, cm); 109 110 if (extract32(s->ctlr, group, 1) && 111 extract32(s->cpu_ctlr[cpu], group, 1)) { 112 if (group == 0 && s->cpu_ctlr[cpu] & GICC_CTLR_FIQ_EN) { 113 DPRINTF("Raised pending FIQ %d (cpu %d)\n", 114 best_irq, cpu); 115 fiq_level = 1; 116 trace_gic_update_set_irq(cpu, "fiq", fiq_level); 117 } else { 118 DPRINTF("Raised pending IRQ %d (cpu %d)\n", 119 best_irq, cpu); 120 irq_level = 1; 121 trace_gic_update_set_irq(cpu, "irq", irq_level); 122 } 123 } 124 } 125 } 126 127 qemu_set_irq(s->parent_irq[cpu], irq_level); 128 qemu_set_irq(s->parent_fiq[cpu], fiq_level); 129 } 130 } 131 132 void gic_set_pending_private(GICState *s, int cpu, int irq) 133 { 134 int cm = 1 << cpu; 135 136 if (gic_test_pending(s, irq, cm)) { 137 return; 138 } 139 140 DPRINTF("Set %d pending cpu %d\n", irq, cpu); 141 GIC_SET_PENDING(irq, cm); 142 gic_update(s); 143 } 144 145 static void gic_set_irq_11mpcore(GICState *s, int irq, int level, 146 int cm, int target) 147 { 148 if (level) { 149 GIC_SET_LEVEL(irq, cm); 150 if (GIC_TEST_EDGE_TRIGGER(irq) || GIC_TEST_ENABLED(irq, cm)) { 151 DPRINTF("Set %d pending mask %x\n", irq, target); 152 GIC_SET_PENDING(irq, target); 153 } 154 } else { 155 GIC_CLEAR_LEVEL(irq, cm); 156 } 157 } 158 159 static void gic_set_irq_nvic(GICState *s, int irq, int level, 160 int cm, int target) 161 { 162 if (level) { 163 GIC_SET_LEVEL(irq, cm); 164 GIC_SET_PENDING(irq, target); 165 } else { 166 GIC_CLEAR_LEVEL(irq, cm); 167 } 168 } 169 170 static void gic_set_irq_generic(GICState *s, int irq, int level, 171 int cm, int target) 172 { 173 if (level) { 174 GIC_SET_LEVEL(irq, cm); 175 DPRINTF("Set %d pending mask %x\n", irq, target); 176 if (GIC_TEST_EDGE_TRIGGER(irq)) { 177 GIC_SET_PENDING(irq, target); 178 } 179 } else { 180 GIC_CLEAR_LEVEL(irq, cm); 181 } 182 } 183 184 /* Process a change in an external IRQ input. */ 185 static void gic_set_irq(void *opaque, int irq, int level) 186 { 187 /* Meaning of the 'irq' parameter: 188 * [0..N-1] : external interrupts 189 * [N..N+31] : PPI (internal) interrupts for CPU 0 190 * [N+32..N+63] : PPI (internal interrupts for CPU 1 191 * ... 192 */ 193 GICState *s = (GICState *)opaque; 194 int cm, target; 195 if (irq < (s->num_irq - GIC_INTERNAL)) { 196 /* The first external input line is internal interrupt 32. */ 197 cm = ALL_CPU_MASK; 198 irq += GIC_INTERNAL; 199 target = GIC_TARGET(irq); 200 } else { 201 int cpu; 202 irq -= (s->num_irq - GIC_INTERNAL); 203 cpu = irq / GIC_INTERNAL; 204 irq %= GIC_INTERNAL; 205 cm = 1 << cpu; 206 target = cm; 207 } 208 209 assert(irq >= GIC_NR_SGIS); 210 211 if (level == GIC_TEST_LEVEL(irq, cm)) { 212 return; 213 } 214 215 if (s->revision == REV_11MPCORE) { 216 gic_set_irq_11mpcore(s, irq, level, cm, target); 217 } else if (s->revision == REV_NVIC) { 218 gic_set_irq_nvic(s, irq, level, cm, target); 219 } else { 220 gic_set_irq_generic(s, irq, level, cm, target); 221 } 222 trace_gic_set_irq(irq, level, cm, target); 223 224 gic_update(s); 225 } 226 227 static uint16_t gic_get_current_pending_irq(GICState *s, int cpu, 228 MemTxAttrs attrs) 229 { 230 uint16_t pending_irq = s->current_pending[cpu]; 231 232 if (pending_irq < GIC_MAXIRQ && gic_has_groups(s)) { 233 int group = GIC_TEST_GROUP(pending_irq, (1 << cpu)); 234 /* On a GIC without the security extensions, reading this register 235 * behaves in the same way as a secure access to a GIC with them. 236 */ 237 bool secure = !s->security_extn || attrs.secure; 238 239 if (group == 0 && !secure) { 240 /* Group0 interrupts hidden from Non-secure access */ 241 return 1023; 242 } 243 if (group == 1 && secure && !(s->cpu_ctlr[cpu] & GICC_CTLR_ACK_CTL)) { 244 /* Group1 interrupts only seen by Secure access if 245 * AckCtl bit set. 246 */ 247 return 1022; 248 } 249 } 250 return pending_irq; 251 } 252 253 static int gic_get_group_priority(GICState *s, int cpu, int irq) 254 { 255 /* Return the group priority of the specified interrupt 256 * (which is the top bits of its priority, with the number 257 * of bits masked determined by the applicable binary point register). 258 */ 259 int bpr; 260 uint32_t mask; 261 262 if (gic_has_groups(s) && 263 !(s->cpu_ctlr[cpu] & GICC_CTLR_CBPR) && 264 GIC_TEST_GROUP(irq, (1 << cpu))) { 265 bpr = s->abpr[cpu]; 266 } else { 267 bpr = s->bpr[cpu]; 268 } 269 270 /* a BPR of 0 means the group priority bits are [7:1]; 271 * a BPR of 1 means they are [7:2], and so on down to 272 * a BPR of 7 meaning no group priority bits at all. 273 */ 274 mask = ~0U << ((bpr & 7) + 1); 275 276 return GIC_GET_PRIORITY(irq, cpu) & mask; 277 } 278 279 static void gic_activate_irq(GICState *s, int cpu, int irq) 280 { 281 /* Set the appropriate Active Priority Register bit for this IRQ, 282 * and update the running priority. 283 */ 284 int prio = gic_get_group_priority(s, cpu, irq); 285 int preemption_level = prio >> (GIC_MIN_BPR + 1); 286 int regno = preemption_level / 32; 287 int bitno = preemption_level % 32; 288 289 if (gic_has_groups(s) && GIC_TEST_GROUP(irq, (1 << cpu))) { 290 s->nsapr[regno][cpu] |= (1 << bitno); 291 } else { 292 s->apr[regno][cpu] |= (1 << bitno); 293 } 294 295 s->running_priority[cpu] = prio; 296 GIC_SET_ACTIVE(irq, 1 << cpu); 297 } 298 299 static int gic_get_prio_from_apr_bits(GICState *s, int cpu) 300 { 301 /* Recalculate the current running priority for this CPU based 302 * on the set bits in the Active Priority Registers. 303 */ 304 int i; 305 for (i = 0; i < GIC_NR_APRS; i++) { 306 uint32_t apr = s->apr[i][cpu] | s->nsapr[i][cpu]; 307 if (!apr) { 308 continue; 309 } 310 return (i * 32 + ctz32(apr)) << (GIC_MIN_BPR + 1); 311 } 312 return 0x100; 313 } 314 315 static void gic_drop_prio(GICState *s, int cpu, int group) 316 { 317 /* Drop the priority of the currently active interrupt in the 318 * specified group. 319 * 320 * Note that we can guarantee (because of the requirement to nest 321 * GICC_IAR reads [which activate an interrupt and raise priority] 322 * with GICC_EOIR writes [which drop the priority for the interrupt]) 323 * that the interrupt we're being called for is the highest priority 324 * active interrupt, meaning that it has the lowest set bit in the 325 * APR registers. 326 * 327 * If the guest does not honour the ordering constraints then the 328 * behaviour of the GIC is UNPREDICTABLE, which for us means that 329 * the values of the APR registers might become incorrect and the 330 * running priority will be wrong, so interrupts that should preempt 331 * might not do so, and interrupts that should not preempt might do so. 332 */ 333 int i; 334 335 for (i = 0; i < GIC_NR_APRS; i++) { 336 uint32_t *papr = group ? &s->nsapr[i][cpu] : &s->apr[i][cpu]; 337 if (!*papr) { 338 continue; 339 } 340 /* Clear lowest set bit */ 341 *papr &= *papr - 1; 342 break; 343 } 344 345 s->running_priority[cpu] = gic_get_prio_from_apr_bits(s, cpu); 346 } 347 348 uint32_t gic_acknowledge_irq(GICState *s, int cpu, MemTxAttrs attrs) 349 { 350 int ret, irq, src; 351 int cm = 1 << cpu; 352 353 /* gic_get_current_pending_irq() will return 1022 or 1023 appropriately 354 * for the case where this GIC supports grouping and the pending interrupt 355 * is in the wrong group. 356 */ 357 irq = gic_get_current_pending_irq(s, cpu, attrs); 358 trace_gic_acknowledge_irq(cpu, irq); 359 360 if (irq >= GIC_MAXIRQ) { 361 DPRINTF("ACK, no pending interrupt or it is hidden: %d\n", irq); 362 return irq; 363 } 364 365 if (GIC_GET_PRIORITY(irq, cpu) >= s->running_priority[cpu]) { 366 DPRINTF("ACK, pending interrupt (%d) has insufficient priority\n", irq); 367 return 1023; 368 } 369 370 if (s->revision == REV_11MPCORE || s->revision == REV_NVIC) { 371 /* Clear pending flags for both level and edge triggered interrupts. 372 * Level triggered IRQs will be reasserted once they become inactive. 373 */ 374 GIC_CLEAR_PENDING(irq, GIC_TEST_MODEL(irq) ? ALL_CPU_MASK : cm); 375 ret = irq; 376 } else { 377 if (irq < GIC_NR_SGIS) { 378 /* Lookup the source CPU for the SGI and clear this in the 379 * sgi_pending map. Return the src and clear the overall pending 380 * state on this CPU if the SGI is not pending from any CPUs. 381 */ 382 assert(s->sgi_pending[irq][cpu] != 0); 383 src = ctz32(s->sgi_pending[irq][cpu]); 384 s->sgi_pending[irq][cpu] &= ~(1 << src); 385 if (s->sgi_pending[irq][cpu] == 0) { 386 GIC_CLEAR_PENDING(irq, GIC_TEST_MODEL(irq) ? ALL_CPU_MASK : cm); 387 } 388 ret = irq | ((src & 0x7) << 10); 389 } else { 390 /* Clear pending state for both level and edge triggered 391 * interrupts. (level triggered interrupts with an active line 392 * remain pending, see gic_test_pending) 393 */ 394 GIC_CLEAR_PENDING(irq, GIC_TEST_MODEL(irq) ? ALL_CPU_MASK : cm); 395 ret = irq; 396 } 397 } 398 399 gic_activate_irq(s, cpu, irq); 400 gic_update(s); 401 DPRINTF("ACK %d\n", irq); 402 return ret; 403 } 404 405 void gic_set_priority(GICState *s, int cpu, int irq, uint8_t val, 406 MemTxAttrs attrs) 407 { 408 if (s->security_extn && !attrs.secure) { 409 if (!GIC_TEST_GROUP(irq, (1 << cpu))) { 410 return; /* Ignore Non-secure access of Group0 IRQ */ 411 } 412 val = 0x80 | (val >> 1); /* Non-secure view */ 413 } 414 415 if (irq < GIC_INTERNAL) { 416 s->priority1[irq][cpu] = val; 417 } else { 418 s->priority2[(irq) - GIC_INTERNAL] = val; 419 } 420 } 421 422 static uint32_t gic_get_priority(GICState *s, int cpu, int irq, 423 MemTxAttrs attrs) 424 { 425 uint32_t prio = GIC_GET_PRIORITY(irq, cpu); 426 427 if (s->security_extn && !attrs.secure) { 428 if (!GIC_TEST_GROUP(irq, (1 << cpu))) { 429 return 0; /* Non-secure access cannot read priority of Group0 IRQ */ 430 } 431 prio = (prio << 1) & 0xff; /* Non-secure view */ 432 } 433 return prio; 434 } 435 436 static void gic_set_priority_mask(GICState *s, int cpu, uint8_t pmask, 437 MemTxAttrs attrs) 438 { 439 if (s->security_extn && !attrs.secure) { 440 if (s->priority_mask[cpu] & 0x80) { 441 /* Priority Mask in upper half */ 442 pmask = 0x80 | (pmask >> 1); 443 } else { 444 /* Non-secure write ignored if priority mask is in lower half */ 445 return; 446 } 447 } 448 s->priority_mask[cpu] = pmask; 449 } 450 451 static uint32_t gic_get_priority_mask(GICState *s, int cpu, MemTxAttrs attrs) 452 { 453 uint32_t pmask = s->priority_mask[cpu]; 454 455 if (s->security_extn && !attrs.secure) { 456 if (pmask & 0x80) { 457 /* Priority Mask in upper half, return Non-secure view */ 458 pmask = (pmask << 1) & 0xff; 459 } else { 460 /* Priority Mask in lower half, RAZ */ 461 pmask = 0; 462 } 463 } 464 return pmask; 465 } 466 467 static uint32_t gic_get_cpu_control(GICState *s, int cpu, MemTxAttrs attrs) 468 { 469 uint32_t ret = s->cpu_ctlr[cpu]; 470 471 if (s->security_extn && !attrs.secure) { 472 /* Construct the NS banked view of GICC_CTLR from the correct 473 * bits of the S banked view. We don't need to move the bypass 474 * control bits because we don't implement that (IMPDEF) part 475 * of the GIC architecture. 476 */ 477 ret = (ret & (GICC_CTLR_EN_GRP1 | GICC_CTLR_EOIMODE_NS)) >> 1; 478 } 479 return ret; 480 } 481 482 static void gic_set_cpu_control(GICState *s, int cpu, uint32_t value, 483 MemTxAttrs attrs) 484 { 485 uint32_t mask; 486 487 if (s->security_extn && !attrs.secure) { 488 /* The NS view can only write certain bits in the register; 489 * the rest are unchanged 490 */ 491 mask = GICC_CTLR_EN_GRP1; 492 if (s->revision == 2) { 493 mask |= GICC_CTLR_EOIMODE_NS; 494 } 495 s->cpu_ctlr[cpu] &= ~mask; 496 s->cpu_ctlr[cpu] |= (value << 1) & mask; 497 } else { 498 if (s->revision == 2) { 499 mask = s->security_extn ? GICC_CTLR_V2_S_MASK : GICC_CTLR_V2_MASK; 500 } else { 501 mask = s->security_extn ? GICC_CTLR_V1_S_MASK : GICC_CTLR_V1_MASK; 502 } 503 s->cpu_ctlr[cpu] = value & mask; 504 } 505 DPRINTF("CPU Interface %d: Group0 Interrupts %sabled, " 506 "Group1 Interrupts %sabled\n", cpu, 507 (s->cpu_ctlr[cpu] & GICC_CTLR_EN_GRP0) ? "En" : "Dis", 508 (s->cpu_ctlr[cpu] & GICC_CTLR_EN_GRP1) ? "En" : "Dis"); 509 } 510 511 static uint8_t gic_get_running_priority(GICState *s, int cpu, MemTxAttrs attrs) 512 { 513 if (s->security_extn && !attrs.secure) { 514 if (s->running_priority[cpu] & 0x80) { 515 /* Running priority in upper half of range: return the Non-secure 516 * view of the priority. 517 */ 518 return s->running_priority[cpu] << 1; 519 } else { 520 /* Running priority in lower half of range: RAZ */ 521 return 0; 522 } 523 } else { 524 return s->running_priority[cpu]; 525 } 526 } 527 528 /* Return true if we should split priority drop and interrupt deactivation, 529 * ie whether the relevant EOIMode bit is set. 530 */ 531 static bool gic_eoi_split(GICState *s, int cpu, MemTxAttrs attrs) 532 { 533 if (s->revision != 2) { 534 /* Before GICv2 prio-drop and deactivate are not separable */ 535 return false; 536 } 537 if (s->security_extn && !attrs.secure) { 538 return s->cpu_ctlr[cpu] & GICC_CTLR_EOIMODE_NS; 539 } 540 return s->cpu_ctlr[cpu] & GICC_CTLR_EOIMODE; 541 } 542 543 static void gic_deactivate_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs) 544 { 545 int cm = 1 << cpu; 546 int group = gic_has_groups(s) && GIC_TEST_GROUP(irq, cm); 547 548 if (!gic_eoi_split(s, cpu, attrs)) { 549 /* This is UNPREDICTABLE; we choose to ignore it */ 550 qemu_log_mask(LOG_GUEST_ERROR, 551 "gic_deactivate_irq: GICC_DIR write when EOIMode clear"); 552 return; 553 } 554 555 if (s->security_extn && !attrs.secure && !group) { 556 DPRINTF("Non-secure DI for Group0 interrupt %d ignored\n", irq); 557 return; 558 } 559 560 GIC_CLEAR_ACTIVE(irq, cm); 561 } 562 563 void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs) 564 { 565 int cm = 1 << cpu; 566 int group; 567 568 DPRINTF("EOI %d\n", irq); 569 if (irq >= s->num_irq) { 570 /* This handles two cases: 571 * 1. If software writes the ID of a spurious interrupt [ie 1023] 572 * to the GICC_EOIR, the GIC ignores that write. 573 * 2. If software writes the number of a non-existent interrupt 574 * this must be a subcase of "value written does not match the last 575 * valid interrupt value read from the Interrupt Acknowledge 576 * register" and so this is UNPREDICTABLE. We choose to ignore it. 577 */ 578 return; 579 } 580 if (s->running_priority[cpu] == 0x100) { 581 return; /* No active IRQ. */ 582 } 583 584 if (s->revision == REV_11MPCORE) { 585 /* Mark level triggered interrupts as pending if they are still 586 raised. */ 587 if (!GIC_TEST_EDGE_TRIGGER(irq) && GIC_TEST_ENABLED(irq, cm) 588 && GIC_TEST_LEVEL(irq, cm) && (GIC_TARGET(irq) & cm) != 0) { 589 DPRINTF("Set %d pending mask %x\n", irq, cm); 590 GIC_SET_PENDING(irq, cm); 591 } 592 } else if (s->revision == REV_NVIC) { 593 if (GIC_TEST_LEVEL(irq, cm)) { 594 DPRINTF("Set nvic %d pending mask %x\n", irq, cm); 595 GIC_SET_PENDING(irq, cm); 596 } 597 } 598 599 group = gic_has_groups(s) && GIC_TEST_GROUP(irq, cm); 600 601 if (s->security_extn && !attrs.secure && !group) { 602 DPRINTF("Non-secure EOI for Group0 interrupt %d ignored\n", irq); 603 return; 604 } 605 606 /* Secure EOI with GICC_CTLR.AckCtl == 0 when the IRQ is a Group 1 607 * interrupt is UNPREDICTABLE. We choose to handle it as if AckCtl == 1, 608 * i.e. go ahead and complete the irq anyway. 609 */ 610 611 gic_drop_prio(s, cpu, group); 612 613 /* In GICv2 the guest can choose to split priority-drop and deactivate */ 614 if (!gic_eoi_split(s, cpu, attrs)) { 615 GIC_CLEAR_ACTIVE(irq, cm); 616 } 617 gic_update(s); 618 } 619 620 static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs) 621 { 622 GICState *s = (GICState *)opaque; 623 uint32_t res; 624 int irq; 625 int i; 626 int cpu; 627 int cm; 628 int mask; 629 630 cpu = gic_get_current_cpu(s); 631 cm = 1 << cpu; 632 if (offset < 0x100) { 633 if (offset == 0) { /* GICD_CTLR */ 634 if (s->security_extn && !attrs.secure) { 635 /* The NS bank of this register is just an alias of the 636 * EnableGrp1 bit in the S bank version. 637 */ 638 return extract32(s->ctlr, 1, 1); 639 } else { 640 return s->ctlr; 641 } 642 } 643 if (offset == 4) 644 /* Interrupt Controller Type Register */ 645 return ((s->num_irq / 32) - 1) 646 | ((s->num_cpu - 1) << 5) 647 | (s->security_extn << 10); 648 if (offset < 0x08) 649 return 0; 650 if (offset >= 0x80) { 651 /* Interrupt Group Registers: these RAZ/WI if this is an NS 652 * access to a GIC with the security extensions, or if the GIC 653 * doesn't have groups at all. 654 */ 655 res = 0; 656 if (!(s->security_extn && !attrs.secure) && gic_has_groups(s)) { 657 /* Every byte offset holds 8 group status bits */ 658 irq = (offset - 0x080) * 8 + GIC_BASE_IRQ; 659 if (irq >= s->num_irq) { 660 goto bad_reg; 661 } 662 for (i = 0; i < 8; i++) { 663 if (GIC_TEST_GROUP(irq + i, cm)) { 664 res |= (1 << i); 665 } 666 } 667 } 668 return res; 669 } 670 goto bad_reg; 671 } else if (offset < 0x200) { 672 /* Interrupt Set/Clear Enable. */ 673 if (offset < 0x180) 674 irq = (offset - 0x100) * 8; 675 else 676 irq = (offset - 0x180) * 8; 677 irq += GIC_BASE_IRQ; 678 if (irq >= s->num_irq) 679 goto bad_reg; 680 res = 0; 681 for (i = 0; i < 8; i++) { 682 if (s->security_extn && !attrs.secure && 683 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 684 continue; /* Ignore Non-secure access of Group0 IRQ */ 685 } 686 687 if (GIC_TEST_ENABLED(irq + i, cm)) { 688 res |= (1 << i); 689 } 690 } 691 } else if (offset < 0x300) { 692 /* Interrupt Set/Clear Pending. */ 693 if (offset < 0x280) 694 irq = (offset - 0x200) * 8; 695 else 696 irq = (offset - 0x280) * 8; 697 irq += GIC_BASE_IRQ; 698 if (irq >= s->num_irq) 699 goto bad_reg; 700 res = 0; 701 mask = (irq < GIC_INTERNAL) ? cm : ALL_CPU_MASK; 702 for (i = 0; i < 8; i++) { 703 if (s->security_extn && !attrs.secure && 704 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 705 continue; /* Ignore Non-secure access of Group0 IRQ */ 706 } 707 708 if (gic_test_pending(s, irq + i, mask)) { 709 res |= (1 << i); 710 } 711 } 712 } else if (offset < 0x400) { 713 /* Interrupt Active. */ 714 irq = (offset - 0x300) * 8 + GIC_BASE_IRQ; 715 if (irq >= s->num_irq) 716 goto bad_reg; 717 res = 0; 718 mask = (irq < GIC_INTERNAL) ? cm : ALL_CPU_MASK; 719 for (i = 0; i < 8; i++) { 720 if (s->security_extn && !attrs.secure && 721 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 722 continue; /* Ignore Non-secure access of Group0 IRQ */ 723 } 724 725 if (GIC_TEST_ACTIVE(irq + i, mask)) { 726 res |= (1 << i); 727 } 728 } 729 } else if (offset < 0x800) { 730 /* Interrupt Priority. */ 731 irq = (offset - 0x400) + GIC_BASE_IRQ; 732 if (irq >= s->num_irq) 733 goto bad_reg; 734 res = gic_get_priority(s, cpu, irq, attrs); 735 } else if (offset < 0xc00) { 736 /* Interrupt CPU Target. */ 737 if (s->num_cpu == 1 && s->revision != REV_11MPCORE) { 738 /* For uniprocessor GICs these RAZ/WI */ 739 res = 0; 740 } else { 741 irq = (offset - 0x800) + GIC_BASE_IRQ; 742 if (irq >= s->num_irq) { 743 goto bad_reg; 744 } 745 if (irq >= 29 && irq <= 31) { 746 res = cm; 747 } else { 748 res = GIC_TARGET(irq); 749 } 750 } 751 } else if (offset < 0xf00) { 752 /* Interrupt Configuration. */ 753 irq = (offset - 0xc00) * 4 + GIC_BASE_IRQ; 754 if (irq >= s->num_irq) 755 goto bad_reg; 756 res = 0; 757 for (i = 0; i < 4; i++) { 758 if (s->security_extn && !attrs.secure && 759 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 760 continue; /* Ignore Non-secure access of Group0 IRQ */ 761 } 762 763 if (GIC_TEST_MODEL(irq + i)) 764 res |= (1 << (i * 2)); 765 if (GIC_TEST_EDGE_TRIGGER(irq + i)) 766 res |= (2 << (i * 2)); 767 } 768 } else if (offset < 0xf10) { 769 goto bad_reg; 770 } else if (offset < 0xf30) { 771 if (s->revision == REV_11MPCORE || s->revision == REV_NVIC) { 772 goto bad_reg; 773 } 774 775 if (offset < 0xf20) { 776 /* GICD_CPENDSGIRn */ 777 irq = (offset - 0xf10); 778 } else { 779 irq = (offset - 0xf20); 780 /* GICD_SPENDSGIRn */ 781 } 782 783 if (s->security_extn && !attrs.secure && 784 !GIC_TEST_GROUP(irq, 1 << cpu)) { 785 res = 0; /* Ignore Non-secure access of Group0 IRQ */ 786 } else { 787 res = s->sgi_pending[irq][cpu]; 788 } 789 } else if (offset < 0xfd0) { 790 goto bad_reg; 791 } else if (offset < 0x1000) { 792 if (offset & 3) { 793 res = 0; 794 } else { 795 switch (s->revision) { 796 case REV_11MPCORE: 797 res = gic_id_11mpcore[(offset - 0xfd0) >> 2]; 798 break; 799 case 1: 800 res = gic_id_gicv1[(offset - 0xfd0) >> 2]; 801 break; 802 case 2: 803 res = gic_id_gicv2[(offset - 0xfd0) >> 2]; 804 break; 805 case REV_NVIC: 806 /* Shouldn't be able to get here */ 807 abort(); 808 default: 809 res = 0; 810 } 811 } 812 } else { 813 g_assert_not_reached(); 814 } 815 return res; 816 bad_reg: 817 qemu_log_mask(LOG_GUEST_ERROR, 818 "gic_dist_readb: Bad offset %x\n", (int)offset); 819 return 0; 820 } 821 822 static MemTxResult gic_dist_read(void *opaque, hwaddr offset, uint64_t *data, 823 unsigned size, MemTxAttrs attrs) 824 { 825 switch (size) { 826 case 1: 827 *data = gic_dist_readb(opaque, offset, attrs); 828 return MEMTX_OK; 829 case 2: 830 *data = gic_dist_readb(opaque, offset, attrs); 831 *data |= gic_dist_readb(opaque, offset + 1, attrs) << 8; 832 return MEMTX_OK; 833 case 4: 834 *data = gic_dist_readb(opaque, offset, attrs); 835 *data |= gic_dist_readb(opaque, offset + 1, attrs) << 8; 836 *data |= gic_dist_readb(opaque, offset + 2, attrs) << 16; 837 *data |= gic_dist_readb(opaque, offset + 3, attrs) << 24; 838 return MEMTX_OK; 839 default: 840 return MEMTX_ERROR; 841 } 842 } 843 844 static void gic_dist_writeb(void *opaque, hwaddr offset, 845 uint32_t value, MemTxAttrs attrs) 846 { 847 GICState *s = (GICState *)opaque; 848 int irq; 849 int i; 850 int cpu; 851 852 cpu = gic_get_current_cpu(s); 853 if (offset < 0x100) { 854 if (offset == 0) { 855 if (s->security_extn && !attrs.secure) { 856 /* NS version is just an alias of the S version's bit 1 */ 857 s->ctlr = deposit32(s->ctlr, 1, 1, value); 858 } else if (gic_has_groups(s)) { 859 s->ctlr = value & (GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1); 860 } else { 861 s->ctlr = value & GICD_CTLR_EN_GRP0; 862 } 863 DPRINTF("Distributor: Group0 %sabled; Group 1 %sabled\n", 864 s->ctlr & GICD_CTLR_EN_GRP0 ? "En" : "Dis", 865 s->ctlr & GICD_CTLR_EN_GRP1 ? "En" : "Dis"); 866 } else if (offset < 4) { 867 /* ignored. */ 868 } else if (offset >= 0x80) { 869 /* Interrupt Group Registers: RAZ/WI for NS access to secure 870 * GIC, or for GICs without groups. 871 */ 872 if (!(s->security_extn && !attrs.secure) && gic_has_groups(s)) { 873 /* Every byte offset holds 8 group status bits */ 874 irq = (offset - 0x80) * 8 + GIC_BASE_IRQ; 875 if (irq >= s->num_irq) { 876 goto bad_reg; 877 } 878 for (i = 0; i < 8; i++) { 879 /* Group bits are banked for private interrupts */ 880 int cm = (irq < GIC_INTERNAL) ? (1 << cpu) : ALL_CPU_MASK; 881 if (value & (1 << i)) { 882 /* Group1 (Non-secure) */ 883 GIC_SET_GROUP(irq + i, cm); 884 } else { 885 /* Group0 (Secure) */ 886 GIC_CLEAR_GROUP(irq + i, cm); 887 } 888 } 889 } 890 } else { 891 goto bad_reg; 892 } 893 } else if (offset < 0x180) { 894 /* Interrupt Set Enable. */ 895 irq = (offset - 0x100) * 8 + GIC_BASE_IRQ; 896 if (irq >= s->num_irq) 897 goto bad_reg; 898 if (irq < GIC_NR_SGIS) { 899 value = 0xff; 900 } 901 902 for (i = 0; i < 8; i++) { 903 if (value & (1 << i)) { 904 int mask = 905 (irq < GIC_INTERNAL) ? (1 << cpu) : GIC_TARGET(irq + i); 906 int cm = (irq < GIC_INTERNAL) ? (1 << cpu) : ALL_CPU_MASK; 907 908 if (s->security_extn && !attrs.secure && 909 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 910 continue; /* Ignore Non-secure access of Group0 IRQ */ 911 } 912 913 if (!GIC_TEST_ENABLED(irq + i, cm)) { 914 DPRINTF("Enabled IRQ %d\n", irq + i); 915 trace_gic_enable_irq(irq + i); 916 } 917 GIC_SET_ENABLED(irq + i, cm); 918 /* If a raised level triggered IRQ enabled then mark 919 is as pending. */ 920 if (GIC_TEST_LEVEL(irq + i, mask) 921 && !GIC_TEST_EDGE_TRIGGER(irq + i)) { 922 DPRINTF("Set %d pending mask %x\n", irq + i, mask); 923 GIC_SET_PENDING(irq + i, mask); 924 } 925 } 926 } 927 } else if (offset < 0x200) { 928 /* Interrupt Clear Enable. */ 929 irq = (offset - 0x180) * 8 + GIC_BASE_IRQ; 930 if (irq >= s->num_irq) 931 goto bad_reg; 932 if (irq < GIC_NR_SGIS) { 933 value = 0; 934 } 935 936 for (i = 0; i < 8; i++) { 937 if (value & (1 << i)) { 938 int cm = (irq < GIC_INTERNAL) ? (1 << cpu) : ALL_CPU_MASK; 939 940 if (s->security_extn && !attrs.secure && 941 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 942 continue; /* Ignore Non-secure access of Group0 IRQ */ 943 } 944 945 if (GIC_TEST_ENABLED(irq + i, cm)) { 946 DPRINTF("Disabled IRQ %d\n", irq + i); 947 trace_gic_disable_irq(irq + i); 948 } 949 GIC_CLEAR_ENABLED(irq + i, cm); 950 } 951 } 952 } else if (offset < 0x280) { 953 /* Interrupt Set Pending. */ 954 irq = (offset - 0x200) * 8 + GIC_BASE_IRQ; 955 if (irq >= s->num_irq) 956 goto bad_reg; 957 if (irq < GIC_NR_SGIS) { 958 value = 0; 959 } 960 961 for (i = 0; i < 8; i++) { 962 if (value & (1 << i)) { 963 if (s->security_extn && !attrs.secure && 964 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 965 continue; /* Ignore Non-secure access of Group0 IRQ */ 966 } 967 968 GIC_SET_PENDING(irq + i, GIC_TARGET(irq + i)); 969 } 970 } 971 } else if (offset < 0x300) { 972 /* Interrupt Clear Pending. */ 973 irq = (offset - 0x280) * 8 + GIC_BASE_IRQ; 974 if (irq >= s->num_irq) 975 goto bad_reg; 976 if (irq < GIC_NR_SGIS) { 977 value = 0; 978 } 979 980 for (i = 0; i < 8; i++) { 981 if (s->security_extn && !attrs.secure && 982 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 983 continue; /* Ignore Non-secure access of Group0 IRQ */ 984 } 985 986 /* ??? This currently clears the pending bit for all CPUs, even 987 for per-CPU interrupts. It's unclear whether this is the 988 corect behavior. */ 989 if (value & (1 << i)) { 990 GIC_CLEAR_PENDING(irq + i, ALL_CPU_MASK); 991 } 992 } 993 } else if (offset < 0x400) { 994 /* Interrupt Active. */ 995 goto bad_reg; 996 } else if (offset < 0x800) { 997 /* Interrupt Priority. */ 998 irq = (offset - 0x400) + GIC_BASE_IRQ; 999 if (irq >= s->num_irq) 1000 goto bad_reg; 1001 gic_set_priority(s, cpu, irq, value, attrs); 1002 } else if (offset < 0xc00) { 1003 /* Interrupt CPU Target. RAZ/WI on uniprocessor GICs, with the 1004 * annoying exception of the 11MPCore's GIC. 1005 */ 1006 if (s->num_cpu != 1 || s->revision == REV_11MPCORE) { 1007 irq = (offset - 0x800) + GIC_BASE_IRQ; 1008 if (irq >= s->num_irq) { 1009 goto bad_reg; 1010 } 1011 if (irq < 29) { 1012 value = 0; 1013 } else if (irq < GIC_INTERNAL) { 1014 value = ALL_CPU_MASK; 1015 } 1016 s->irq_target[irq] = value & ALL_CPU_MASK; 1017 } 1018 } else if (offset < 0xf00) { 1019 /* Interrupt Configuration. */ 1020 irq = (offset - 0xc00) * 4 + GIC_BASE_IRQ; 1021 if (irq >= s->num_irq) 1022 goto bad_reg; 1023 if (irq < GIC_NR_SGIS) 1024 value |= 0xaa; 1025 for (i = 0; i < 4; i++) { 1026 if (s->security_extn && !attrs.secure && 1027 !GIC_TEST_GROUP(irq + i, 1 << cpu)) { 1028 continue; /* Ignore Non-secure access of Group0 IRQ */ 1029 } 1030 1031 if (s->revision == REV_11MPCORE || s->revision == REV_NVIC) { 1032 if (value & (1 << (i * 2))) { 1033 GIC_SET_MODEL(irq + i); 1034 } else { 1035 GIC_CLEAR_MODEL(irq + i); 1036 } 1037 } 1038 if (value & (2 << (i * 2))) { 1039 GIC_SET_EDGE_TRIGGER(irq + i); 1040 } else { 1041 GIC_CLEAR_EDGE_TRIGGER(irq + i); 1042 } 1043 } 1044 } else if (offset < 0xf10) { 1045 /* 0xf00 is only handled for 32-bit writes. */ 1046 goto bad_reg; 1047 } else if (offset < 0xf20) { 1048 /* GICD_CPENDSGIRn */ 1049 if (s->revision == REV_11MPCORE || s->revision == REV_NVIC) { 1050 goto bad_reg; 1051 } 1052 irq = (offset - 0xf10); 1053 1054 if (!s->security_extn || attrs.secure || 1055 GIC_TEST_GROUP(irq, 1 << cpu)) { 1056 s->sgi_pending[irq][cpu] &= ~value; 1057 if (s->sgi_pending[irq][cpu] == 0) { 1058 GIC_CLEAR_PENDING(irq, 1 << cpu); 1059 } 1060 } 1061 } else if (offset < 0xf30) { 1062 /* GICD_SPENDSGIRn */ 1063 if (s->revision == REV_11MPCORE || s->revision == REV_NVIC) { 1064 goto bad_reg; 1065 } 1066 irq = (offset - 0xf20); 1067 1068 if (!s->security_extn || attrs.secure || 1069 GIC_TEST_GROUP(irq, 1 << cpu)) { 1070 GIC_SET_PENDING(irq, 1 << cpu); 1071 s->sgi_pending[irq][cpu] |= value; 1072 } 1073 } else { 1074 goto bad_reg; 1075 } 1076 gic_update(s); 1077 return; 1078 bad_reg: 1079 qemu_log_mask(LOG_GUEST_ERROR, 1080 "gic_dist_writeb: Bad offset %x\n", (int)offset); 1081 } 1082 1083 static void gic_dist_writew(void *opaque, hwaddr offset, 1084 uint32_t value, MemTxAttrs attrs) 1085 { 1086 gic_dist_writeb(opaque, offset, value & 0xff, attrs); 1087 gic_dist_writeb(opaque, offset + 1, value >> 8, attrs); 1088 } 1089 1090 static void gic_dist_writel(void *opaque, hwaddr offset, 1091 uint32_t value, MemTxAttrs attrs) 1092 { 1093 GICState *s = (GICState *)opaque; 1094 if (offset == 0xf00) { 1095 int cpu; 1096 int irq; 1097 int mask; 1098 int target_cpu; 1099 1100 cpu = gic_get_current_cpu(s); 1101 irq = value & 0x3ff; 1102 switch ((value >> 24) & 3) { 1103 case 0: 1104 mask = (value >> 16) & ALL_CPU_MASK; 1105 break; 1106 case 1: 1107 mask = ALL_CPU_MASK ^ (1 << cpu); 1108 break; 1109 case 2: 1110 mask = 1 << cpu; 1111 break; 1112 default: 1113 DPRINTF("Bad Soft Int target filter\n"); 1114 mask = ALL_CPU_MASK; 1115 break; 1116 } 1117 GIC_SET_PENDING(irq, mask); 1118 target_cpu = ctz32(mask); 1119 while (target_cpu < GIC_NCPU) { 1120 s->sgi_pending[irq][target_cpu] |= (1 << cpu); 1121 mask &= ~(1 << target_cpu); 1122 target_cpu = ctz32(mask); 1123 } 1124 gic_update(s); 1125 return; 1126 } 1127 gic_dist_writew(opaque, offset, value & 0xffff, attrs); 1128 gic_dist_writew(opaque, offset + 2, value >> 16, attrs); 1129 } 1130 1131 static MemTxResult gic_dist_write(void *opaque, hwaddr offset, uint64_t data, 1132 unsigned size, MemTxAttrs attrs) 1133 { 1134 switch (size) { 1135 case 1: 1136 gic_dist_writeb(opaque, offset, data, attrs); 1137 return MEMTX_OK; 1138 case 2: 1139 gic_dist_writew(opaque, offset, data, attrs); 1140 return MEMTX_OK; 1141 case 4: 1142 gic_dist_writel(opaque, offset, data, attrs); 1143 return MEMTX_OK; 1144 default: 1145 return MEMTX_ERROR; 1146 } 1147 } 1148 1149 static inline uint32_t gic_apr_ns_view(GICState *s, int cpu, int regno) 1150 { 1151 /* Return the Nonsecure view of GICC_APR<regno>. This is the 1152 * second half of GICC_NSAPR. 1153 */ 1154 switch (GIC_MIN_BPR) { 1155 case 0: 1156 if (regno < 2) { 1157 return s->nsapr[regno + 2][cpu]; 1158 } 1159 break; 1160 case 1: 1161 if (regno == 0) { 1162 return s->nsapr[regno + 1][cpu]; 1163 } 1164 break; 1165 case 2: 1166 if (regno == 0) { 1167 return extract32(s->nsapr[0][cpu], 16, 16); 1168 } 1169 break; 1170 case 3: 1171 if (regno == 0) { 1172 return extract32(s->nsapr[0][cpu], 8, 8); 1173 } 1174 break; 1175 default: 1176 g_assert_not_reached(); 1177 } 1178 return 0; 1179 } 1180 1181 static inline void gic_apr_write_ns_view(GICState *s, int cpu, int regno, 1182 uint32_t value) 1183 { 1184 /* Write the Nonsecure view of GICC_APR<regno>. */ 1185 switch (GIC_MIN_BPR) { 1186 case 0: 1187 if (regno < 2) { 1188 s->nsapr[regno + 2][cpu] = value; 1189 } 1190 break; 1191 case 1: 1192 if (regno == 0) { 1193 s->nsapr[regno + 1][cpu] = value; 1194 } 1195 break; 1196 case 2: 1197 if (regno == 0) { 1198 s->nsapr[0][cpu] = deposit32(s->nsapr[0][cpu], 16, 16, value); 1199 } 1200 break; 1201 case 3: 1202 if (regno == 0) { 1203 s->nsapr[0][cpu] = deposit32(s->nsapr[0][cpu], 8, 8, value); 1204 } 1205 break; 1206 default: 1207 g_assert_not_reached(); 1208 } 1209 } 1210 1211 static MemTxResult gic_cpu_read(GICState *s, int cpu, int offset, 1212 uint64_t *data, MemTxAttrs attrs) 1213 { 1214 switch (offset) { 1215 case 0x00: /* Control */ 1216 *data = gic_get_cpu_control(s, cpu, attrs); 1217 break; 1218 case 0x04: /* Priority mask */ 1219 *data = gic_get_priority_mask(s, cpu, attrs); 1220 break; 1221 case 0x08: /* Binary Point */ 1222 if (s->security_extn && !attrs.secure) { 1223 /* BPR is banked. Non-secure copy stored in ABPR. */ 1224 *data = s->abpr[cpu]; 1225 } else { 1226 *data = s->bpr[cpu]; 1227 } 1228 break; 1229 case 0x0c: /* Acknowledge */ 1230 *data = gic_acknowledge_irq(s, cpu, attrs); 1231 break; 1232 case 0x14: /* Running Priority */ 1233 *data = gic_get_running_priority(s, cpu, attrs); 1234 break; 1235 case 0x18: /* Highest Pending Interrupt */ 1236 *data = gic_get_current_pending_irq(s, cpu, attrs); 1237 break; 1238 case 0x1c: /* Aliased Binary Point */ 1239 /* GIC v2, no security: ABPR 1240 * GIC v1, no security: not implemented (RAZ/WI) 1241 * With security extensions, secure access: ABPR (alias of NS BPR) 1242 * With security extensions, nonsecure access: RAZ/WI 1243 */ 1244 if (!gic_has_groups(s) || (s->security_extn && !attrs.secure)) { 1245 *data = 0; 1246 } else { 1247 *data = s->abpr[cpu]; 1248 } 1249 break; 1250 case 0xd0: case 0xd4: case 0xd8: case 0xdc: 1251 { 1252 int regno = (offset - 0xd0) / 4; 1253 1254 if (regno >= GIC_NR_APRS || s->revision != 2) { 1255 *data = 0; 1256 } else if (s->security_extn && !attrs.secure) { 1257 /* NS view of GICC_APR<n> is the top half of GIC_NSAPR<n> */ 1258 *data = gic_apr_ns_view(s, regno, cpu); 1259 } else { 1260 *data = s->apr[regno][cpu]; 1261 } 1262 break; 1263 } 1264 case 0xe0: case 0xe4: case 0xe8: case 0xec: 1265 { 1266 int regno = (offset - 0xe0) / 4; 1267 1268 if (regno >= GIC_NR_APRS || s->revision != 2 || !gic_has_groups(s) || 1269 (s->security_extn && !attrs.secure)) { 1270 *data = 0; 1271 } else { 1272 *data = s->nsapr[regno][cpu]; 1273 } 1274 break; 1275 } 1276 default: 1277 qemu_log_mask(LOG_GUEST_ERROR, 1278 "gic_cpu_read: Bad offset %x\n", (int)offset); 1279 return MEMTX_ERROR; 1280 } 1281 return MEMTX_OK; 1282 } 1283 1284 static MemTxResult gic_cpu_write(GICState *s, int cpu, int offset, 1285 uint32_t value, MemTxAttrs attrs) 1286 { 1287 switch (offset) { 1288 case 0x00: /* Control */ 1289 gic_set_cpu_control(s, cpu, value, attrs); 1290 break; 1291 case 0x04: /* Priority mask */ 1292 gic_set_priority_mask(s, cpu, value, attrs); 1293 break; 1294 case 0x08: /* Binary Point */ 1295 if (s->security_extn && !attrs.secure) { 1296 s->abpr[cpu] = MAX(value & 0x7, GIC_MIN_ABPR); 1297 } else { 1298 s->bpr[cpu] = MAX(value & 0x7, GIC_MIN_BPR); 1299 } 1300 break; 1301 case 0x10: /* End Of Interrupt */ 1302 gic_complete_irq(s, cpu, value & 0x3ff, attrs); 1303 return MEMTX_OK; 1304 case 0x1c: /* Aliased Binary Point */ 1305 if (!gic_has_groups(s) || (s->security_extn && !attrs.secure)) { 1306 /* unimplemented, or NS access: RAZ/WI */ 1307 return MEMTX_OK; 1308 } else { 1309 s->abpr[cpu] = MAX(value & 0x7, GIC_MIN_ABPR); 1310 } 1311 break; 1312 case 0xd0: case 0xd4: case 0xd8: case 0xdc: 1313 { 1314 int regno = (offset - 0xd0) / 4; 1315 1316 if (regno >= GIC_NR_APRS || s->revision != 2) { 1317 return MEMTX_OK; 1318 } 1319 if (s->security_extn && !attrs.secure) { 1320 /* NS view of GICC_APR<n> is the top half of GIC_NSAPR<n> */ 1321 gic_apr_write_ns_view(s, regno, cpu, value); 1322 } else { 1323 s->apr[regno][cpu] = value; 1324 } 1325 break; 1326 } 1327 case 0xe0: case 0xe4: case 0xe8: case 0xec: 1328 { 1329 int regno = (offset - 0xe0) / 4; 1330 1331 if (regno >= GIC_NR_APRS || s->revision != 2) { 1332 return MEMTX_OK; 1333 } 1334 if (!gic_has_groups(s) || (s->security_extn && !attrs.secure)) { 1335 return MEMTX_OK; 1336 } 1337 s->nsapr[regno][cpu] = value; 1338 break; 1339 } 1340 case 0x1000: 1341 /* GICC_DIR */ 1342 gic_deactivate_irq(s, cpu, value & 0x3ff, attrs); 1343 break; 1344 default: 1345 qemu_log_mask(LOG_GUEST_ERROR, 1346 "gic_cpu_write: Bad offset %x\n", (int)offset); 1347 return MEMTX_ERROR; 1348 } 1349 gic_update(s); 1350 return MEMTX_OK; 1351 } 1352 1353 /* Wrappers to read/write the GIC CPU interface for the current CPU */ 1354 static MemTxResult gic_thiscpu_read(void *opaque, hwaddr addr, uint64_t *data, 1355 unsigned size, MemTxAttrs attrs) 1356 { 1357 GICState *s = (GICState *)opaque; 1358 return gic_cpu_read(s, gic_get_current_cpu(s), addr, data, attrs); 1359 } 1360 1361 static MemTxResult gic_thiscpu_write(void *opaque, hwaddr addr, 1362 uint64_t value, unsigned size, 1363 MemTxAttrs attrs) 1364 { 1365 GICState *s = (GICState *)opaque; 1366 return gic_cpu_write(s, gic_get_current_cpu(s), addr, value, attrs); 1367 } 1368 1369 /* Wrappers to read/write the GIC CPU interface for a specific CPU. 1370 * These just decode the opaque pointer into GICState* + cpu id. 1371 */ 1372 static MemTxResult gic_do_cpu_read(void *opaque, hwaddr addr, uint64_t *data, 1373 unsigned size, MemTxAttrs attrs) 1374 { 1375 GICState **backref = (GICState **)opaque; 1376 GICState *s = *backref; 1377 int id = (backref - s->backref); 1378 return gic_cpu_read(s, id, addr, data, attrs); 1379 } 1380 1381 static MemTxResult gic_do_cpu_write(void *opaque, hwaddr addr, 1382 uint64_t value, unsigned size, 1383 MemTxAttrs attrs) 1384 { 1385 GICState **backref = (GICState **)opaque; 1386 GICState *s = *backref; 1387 int id = (backref - s->backref); 1388 return gic_cpu_write(s, id, addr, value, attrs); 1389 } 1390 1391 static const MemoryRegionOps gic_ops[2] = { 1392 { 1393 .read_with_attrs = gic_dist_read, 1394 .write_with_attrs = gic_dist_write, 1395 .endianness = DEVICE_NATIVE_ENDIAN, 1396 }, 1397 { 1398 .read_with_attrs = gic_thiscpu_read, 1399 .write_with_attrs = gic_thiscpu_write, 1400 .endianness = DEVICE_NATIVE_ENDIAN, 1401 } 1402 }; 1403 1404 static const MemoryRegionOps gic_cpu_ops = { 1405 .read_with_attrs = gic_do_cpu_read, 1406 .write_with_attrs = gic_do_cpu_write, 1407 .endianness = DEVICE_NATIVE_ENDIAN, 1408 }; 1409 1410 /* This function is used by nvic model */ 1411 void gic_init_irqs_and_distributor(GICState *s) 1412 { 1413 gic_init_irqs_and_mmio(s, gic_set_irq, gic_ops); 1414 } 1415 1416 static void arm_gic_realize(DeviceState *dev, Error **errp) 1417 { 1418 /* Device instance realize function for the GIC sysbus device */ 1419 int i; 1420 GICState *s = ARM_GIC(dev); 1421 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1422 ARMGICClass *agc = ARM_GIC_GET_CLASS(s); 1423 Error *local_err = NULL; 1424 1425 agc->parent_realize(dev, &local_err); 1426 if (local_err) { 1427 error_propagate(errp, local_err); 1428 return; 1429 } 1430 1431 /* This creates distributor and main CPU interface (s->cpuiomem[0]) */ 1432 gic_init_irqs_and_mmio(s, gic_set_irq, gic_ops); 1433 1434 /* Extra core-specific regions for the CPU interfaces. This is 1435 * necessary for "franken-GIC" implementations, for example on 1436 * Exynos 4. 1437 * NB that the memory region size of 0x100 applies for the 11MPCore 1438 * and also cores following the GIC v1 spec (ie A9). 1439 * GIC v2 defines a larger memory region (0x1000) so this will need 1440 * to be extended when we implement A15. 1441 */ 1442 for (i = 0; i < s->num_cpu; i++) { 1443 s->backref[i] = s; 1444 memory_region_init_io(&s->cpuiomem[i+1], OBJECT(s), &gic_cpu_ops, 1445 &s->backref[i], "gic_cpu", 0x100); 1446 sysbus_init_mmio(sbd, &s->cpuiomem[i+1]); 1447 } 1448 } 1449 1450 static void arm_gic_class_init(ObjectClass *klass, void *data) 1451 { 1452 DeviceClass *dc = DEVICE_CLASS(klass); 1453 ARMGICClass *agc = ARM_GIC_CLASS(klass); 1454 1455 agc->parent_realize = dc->realize; 1456 dc->realize = arm_gic_realize; 1457 } 1458 1459 static const TypeInfo arm_gic_info = { 1460 .name = TYPE_ARM_GIC, 1461 .parent = TYPE_ARM_GIC_COMMON, 1462 .instance_size = sizeof(GICState), 1463 .class_init = arm_gic_class_init, 1464 .class_size = sizeof(ARMGICClass), 1465 }; 1466 1467 static void arm_gic_register_types(void) 1468 { 1469 type_register_static(&arm_gic_info); 1470 } 1471 1472 type_init(arm_gic_register_types) 1473