// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (C) 2015, 2016 ARM Ltd.
 */

#include <linux/interrupt.h>
#include <linux/irq.h>
#include <linux/kvm.h>
#include <linux/kvm_host.h>
#include <linux/list_sort.h>
#include <linux/nospec.h>

#include <asm/kvm_hyp.h>

#include "vgic.h"

#define CREATE_TRACE_POINTS
#include "trace.h"

struct vgic_global kvm_vgic_global_state __ro_after_init = {
	.gicv3_cpuif = STATIC_KEY_FALSE_INIT,
};

/*
 * Locking order is always:
 * kvm->lock (mutex)
 *   its->cmd_lock (mutex)
 *     its->its_lock (mutex)
 *       vgic_cpu->ap_list_lock		must be taken with IRQs disabled
 *         kvm->lpi_list_lock		must be taken with IRQs disabled
 *           vgic_irq->irq_lock		must be taken with IRQs disabled
 *
 * As the ap_list_lock might be taken from the timer interrupt handler,
 * we have to disable IRQs before taking this lock and everything lower
 * than it.
 *
 * If you need to take multiple locks, always take the upper lock first,
 * then the lower ones, e.g. first take the its_lock, then the irq_lock.
 * If you are already holding a lock and need to take a higher one, you
 * have to drop the lower ranking lock first and re-acquire it after having
 * taken the upper one.
 *
 * When taking more than one ap_list_lock at the same time, always take the
 * lowest numbered VCPU's ap_list_lock first, so:
 *   vcpuX->vcpu_id < vcpuY->vcpu_id:
 *     raw_spin_lock(vcpuX->arch.vgic_cpu.ap_list_lock);
 *     raw_spin_lock(vcpuY->arch.vgic_cpu.ap_list_lock);
 *
 * Since the VGIC must support injecting virtual interrupts from ISRs, we have
 * to use the raw_spin_lock_irqsave/raw_spin_unlock_irqrestore versions of outer
 * spinlocks for any lock that may be taken while injecting an interrupt.
 */
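
/*
 * Illustrative sketch, not part of the original file: taking two VCPUs'
 * ap_list_locks in the documented order. The helper name is hypothetical
 * and the caller is assumed to already have IRQs disabled.
 */
static void __maybe_unused vgic_example_lock_two_ap_lists(struct kvm_vcpu *x,
							   struct kvm_vcpu *y)
{
	struct kvm_vcpu *first = x->vcpu_id < y->vcpu_id ? x : y;
	struct kvm_vcpu *second = x->vcpu_id < y->vcpu_id ? y : x;

	/* Lowest vcpu_id first; annotate the second lock for lockdep. */
	raw_spin_lock(&first->arch.vgic_cpu.ap_list_lock);
	raw_spin_lock_nested(&second->arch.vgic_cpu.ap_list_lock,
			     SINGLE_DEPTH_NESTING);

	/* ... work on both ap_lists would go here ... */

	raw_spin_unlock(&second->arch.vgic_cpu.ap_list_lock);
	raw_spin_unlock(&first->arch.vgic_cpu.ap_list_lock);
}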

/*
 * Iterate over the VM's list of mapped LPIs to find the one with a
 * matching interrupt ID and return a reference to the IRQ structure.
 */
static struct vgic_irq *vgic_get_lpi(struct kvm *kvm, u32 intid)
{
	struct vgic_dist *dist = &kvm->arch.vgic;
	struct vgic_irq *irq = NULL;
	unsigned long flags;

	raw_spin_lock_irqsave(&dist->lpi_list_lock, flags);

	list_for_each_entry(irq, &dist->lpi_list_head, lpi_list) {
		if (irq->intid != intid)
			continue;

		/*
		 * This increases the refcount, the caller is expected to
		 * call vgic_put_irq() later once it's finished with the IRQ.
		 */
		vgic_get_irq_kref(irq);
		goto out_unlock;
	}
	irq = NULL;

out_unlock:
	raw_spin_unlock_irqrestore(&dist->lpi_list_lock, flags);

	return irq;
}

/*
 * This looks up the virtual interrupt ID to get the corresponding
 * struct vgic_irq. It also increases the refcount, so any caller is expected
 * to call vgic_put_irq() once it's finished with this IRQ.
 */
struct vgic_irq *vgic_get_irq(struct kvm *kvm, struct kvm_vcpu *vcpu,
			      u32 intid)
{
	/* SGIs and PPIs */
	if (intid <= VGIC_MAX_PRIVATE) {
		intid = array_index_nospec(intid, VGIC_MAX_PRIVATE + 1);
		return &vcpu->arch.vgic_cpu.private_irqs[intid];
	}

	/* SPIs */
	if (intid < (kvm->arch.vgic.nr_spis + VGIC_NR_PRIVATE_IRQS)) {
		intid = array_index_nospec(intid, kvm->arch.vgic.nr_spis + VGIC_NR_PRIVATE_IRQS);
		return &kvm->arch.vgic.spis[intid - VGIC_NR_PRIVATE_IRQS];
	}

	/* LPIs */
	if (intid >= VGIC_MIN_LPI)
		return vgic_get_lpi(kvm, intid);

	WARN(1, "Looking up struct vgic_irq for reserved INTID");
	return NULL;
}
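
/*
 * Illustrative sketch, not part of the original file: the reference-counting
 * discipline expected of vgic_get_irq() callers. The helper name and the
 * field it samples are only an example.
 */
static bool __maybe_unused vgic_example_irq_enabled(struct kvm_vcpu *vcpu,
						    u32 intid)
{
	struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid);
	unsigned long flags;
	bool enabled;

	if (!irq)
		return false;

	raw_spin_lock_irqsave(&irq->irq_lock, flags);
	enabled = irq->enabled;
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);

	/* Balance the reference taken by vgic_get_irq(). */
	vgic_put_irq(vcpu->kvm, irq);

	return enabled;
}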

/*
 * We can't do anything in here, because we lack the kvm pointer to
 * lock and remove the item from the lpi_list. So we keep this function
 * empty and use the return value of kref_put() to trigger the freeing.
 */
static void vgic_irq_release(struct kref *ref)
{
}

/*
 * Drop the refcount on the LPI. Must be called with lpi_list_lock held.
 */
void __vgic_put_lpi_locked(struct kvm *kvm, struct vgic_irq *irq)
{
	struct vgic_dist *dist = &kvm->arch.vgic;

	if (!kref_put(&irq->refcount, vgic_irq_release))
		return;

	list_del(&irq->lpi_list);
	dist->lpi_list_count--;

	kfree(irq);
}

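/*
 * Drop a reference obtained from vgic_get_irq(). Only LPIs are refcounted
 * and can be freed here; for SGIs, PPIs and SPIs this is a no-op.
 */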
void vgic_put_irq(struct kvm *kvm, struct vgic_irq *irq)
{
	struct vgic_dist *dist = &kvm->arch.vgic;
	unsigned long flags;

	if (irq->intid < VGIC_MIN_LPI)
		return;

	raw_spin_lock_irqsave(&dist->lpi_list_lock, flags);
	__vgic_put_lpi_locked(kvm, irq);
	raw_spin_unlock_irqrestore(&dist->lpi_list_lock, flags);
}

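/*
 * Remove all LPIs from this VCPU's ap_list and drop the reference each of
 * them took when it was queued in vgic_queue_irq_unlock().
 */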
void vgic_flush_pending_lpis(struct kvm_vcpu *vcpu)
{
	struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
	struct vgic_irq *irq, *tmp;
	unsigned long flags;

	raw_spin_lock_irqsave(&vgic_cpu->ap_list_lock, flags);

	list_for_each_entry_safe(irq, tmp, &vgic_cpu->ap_list_head, ap_list) {
		if (irq->intid >= VGIC_MIN_LPI) {
			raw_spin_lock(&irq->irq_lock);
			list_del(&irq->ap_list);
			irq->vcpu = NULL;
			raw_spin_unlock(&irq->irq_lock);
			vgic_put_irq(vcpu->kvm, irq);
		}
	}

	raw_spin_unlock_irqrestore(&vgic_cpu->ap_list_lock, flags);
}

void vgic_irq_set_phys_pending(struct vgic_irq *irq, bool pending)
{
	WARN_ON(irq_set_irqchip_state(irq->host_irq,
				      IRQCHIP_STATE_PENDING,
				      pending));
}

bool vgic_get_phys_line_level(struct vgic_irq *irq)
{
	bool line_level;

	BUG_ON(!irq->hw);

	if (irq->get_input_level)
		return irq->get_input_level(irq->intid);

	WARN_ON(irq_get_irqchip_state(irq->host_irq,
				      IRQCHIP_STATE_PENDING,
				      &line_level));
	return line_level;
}

/* Set/Clear the physical active state */
void vgic_irq_set_phys_active(struct vgic_irq *irq, bool active)
{
	BUG_ON(!irq->hw);
	WARN_ON(irq_set_irqchip_state(irq->host_irq,
				      IRQCHIP_STATE_ACTIVE,
				      active));
}

/**
 * vgic_target_oracle - compute the target vcpu for an irq
 *
 * @irq:	The irq to route. Must be already locked.
 *
 * Based on the current state of the interrupt (enabled, pending,
 * active, vcpu and target_vcpu), compute the next vcpu this should be
 * given to. Return NULL if this shouldn't be injected at all.
 *
 * Requires the IRQ lock to be held.
 */
static struct kvm_vcpu *vgic_target_oracle(struct vgic_irq *irq)
{
	lockdep_assert_held(&irq->irq_lock);

	/* If the interrupt is active, it must stay on the current vcpu */
	if (irq->active)
		return irq->vcpu ? : irq->target_vcpu;

	/*
	 * If the IRQ is not active but enabled and pending, we should direct
	 * it to its configured target VCPU.
	 * If the distributor is disabled, pending interrupts shouldn't be
	 * forwarded.
	 */
	if (irq->enabled && irq_is_pending(irq)) {
		if (unlikely(irq->target_vcpu &&
			     !irq->target_vcpu->kvm->arch.vgic.enabled))
			return NULL;

		return irq->target_vcpu;
	}

	/* If neither active nor pending and enabled, then this IRQ should not
	 * be queued to any VCPU.
	 */
	return NULL;
}

/*
 * The order of items in the ap_lists defines how we'll pack things in LRs as
 * well, the first items in the list being the first things populated in the
 * LRs.
 *
 * A hard rule is that active interrupts can never be pushed out of the LRs
 * (and therefore take priority) since we cannot reliably trap on deactivation
 * of IRQs and therefore they have to be present in the LRs.
 *
 * Otherwise things should be sorted by the priority field and the GIC
 * hardware support will take care of preemption of priority groups etc.
 *
 * Return negative if "a" sorts before "b", 0 to preserve order, and positive
 * to sort "b" before "a".
 */
static int vgic_irq_cmp(void *priv, struct list_head *a, struct list_head *b)
{
	struct vgic_irq *irqa = container_of(a, struct vgic_irq, ap_list);
	struct vgic_irq *irqb = container_of(b, struct vgic_irq, ap_list);
	bool penda, pendb;
	int ret;

	/*
	 * list_sort may call this function with the same element when
	 * the list is fairly long.
	 */
	if (unlikely(irqa == irqb))
		return 0;

	raw_spin_lock(&irqa->irq_lock);
	raw_spin_lock_nested(&irqb->irq_lock, SINGLE_DEPTH_NESTING);

	if (irqa->active || irqb->active) {
		ret = (int)irqb->active - (int)irqa->active;
		goto out;
	}

	penda = irqa->enabled && irq_is_pending(irqa);
	pendb = irqb->enabled && irq_is_pending(irqb);

	if (!penda || !pendb) {
		ret = (int)pendb - (int)penda;
		goto out;
	}

	/* Both pending and enabled, sort by priority */
	ret = irqa->priority - irqb->priority;
out:
	raw_spin_unlock(&irqb->irq_lock);
	raw_spin_unlock(&irqa->irq_lock);
	return ret;
}

/* Must be called with the ap_list_lock held */
static void vgic_sort_ap_list(struct kvm_vcpu *vcpu)
{
	struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;

	lockdep_assert_held(&vgic_cpu->ap_list_lock);

	list_sort(NULL, &vgic_cpu->ap_list_head, vgic_irq_cmp);
}

/*
 * Only valid injection if changing level for level-triggered IRQs or for a
 * rising edge, and in-kernel connected IRQ lines can only be controlled by
 * their owner.
 */
static bool vgic_validate_injection(struct vgic_irq *irq, bool level, void *owner)
{
	if (irq->owner != owner)
		return false;

	switch (irq->config) {
	case VGIC_CONFIG_LEVEL:
		return irq->line_level != level;
	case VGIC_CONFIG_EDGE:
		return level;
	}

	return false;
}

/*
 * Check whether an IRQ needs to (and can) be queued to a VCPU's ap list.
 * Do the queuing if necessary, taking the right locks in the right order.
 * Returns true when the IRQ was queued, false otherwise.
 *
 * Needs to be entered with the IRQ lock already held, but will return
 * with all locks dropped.
 */
bool vgic_queue_irq_unlock(struct kvm *kvm, struct vgic_irq *irq,
			   unsigned long flags)
{
	struct kvm_vcpu *vcpu;

	lockdep_assert_held(&irq->irq_lock);

retry:
	vcpu = vgic_target_oracle(irq);
	if (irq->vcpu || !vcpu) {
		/*
		 * If this IRQ is already on a VCPU's ap_list, then it
		 * cannot be moved or modified and there is no more work for
		 * us to do.
		 *
		 * Otherwise, if the irq is not pending and enabled, it does
		 * not need to be inserted into an ap_list and there is also
		 * no more work for us to do.
		 */
		raw_spin_unlock_irqrestore(&irq->irq_lock, flags);

		/*
		 * We have to kick the VCPU here, because we could be
		 * queueing an edge-triggered interrupt for which we
		 * get no EOI maintenance interrupt. In that case,
		 * while the IRQ is already on the VCPU's AP list, the
		 * VCPU could have EOI'ed the original interrupt and
		 * won't see this one until it exits for some other
		 * reason.
		 */
		if (vcpu) {
			kvm_make_request(KVM_REQ_IRQ_PENDING, vcpu);
			kvm_vcpu_kick(vcpu);
		}
		return false;
	}

	/*
	 * We must unlock the irq lock to take the ap_list_lock where
	 * we are going to insert this new pending interrupt.
	 */
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);

	/* someone can do stuff here, which we re-check below */

	raw_spin_lock_irqsave(&vcpu->arch.vgic_cpu.ap_list_lock, flags);
	raw_spin_lock(&irq->irq_lock);

	/*
	 * Did something change behind our backs?
	 *
	 * There are two cases:
	 * 1) The irq lost its pending state or was disabled behind our
	 *    backs and/or it was queued to another VCPU's ap_list.
	 * 2) Someone changed the affinity on this irq behind our
	 *    backs and we are now holding the wrong ap_list_lock.
	 *
	 * In both cases, drop the locks and retry.
	 */

	if (unlikely(irq->vcpu || vcpu != vgic_target_oracle(irq))) {
		raw_spin_unlock(&irq->irq_lock);
		raw_spin_unlock_irqrestore(&vcpu->arch.vgic_cpu.ap_list_lock,
					   flags);

		raw_spin_lock_irqsave(&irq->irq_lock, flags);
		goto retry;
	}

	/*
	 * Grab a reference to the irq to reflect the fact that it is
	 * now in the ap_list.
	 */
	vgic_get_irq_kref(irq);
	list_add_tail(&irq->ap_list, &vcpu->arch.vgic_cpu.ap_list_head);
	irq->vcpu = vcpu;

	raw_spin_unlock(&irq->irq_lock);
	raw_spin_unlock_irqrestore(&vcpu->arch.vgic_cpu.ap_list_lock, flags);

	kvm_make_request(KVM_REQ_IRQ_PENDING, vcpu);
	kvm_vcpu_kick(vcpu);

	return true;
}

/**
 * kvm_vgic_inject_irq - Inject an IRQ from a device to the vgic
 * @kvm:	The VM structure pointer
 * @cpuid:	The CPU for PPIs
 * @intid:	The INTID to inject a new state to.
 * @level:	Edge-triggered:  true:  to trigger the interrupt
 *				 false: to ignore the call
 *		Level-sensitive  true:  raise the input signal
 *				 false: lower the input signal
 * @owner:	The opaque pointer to the owner of the IRQ being raised to verify
 *		that the caller is allowed to inject this IRQ. Userspace
 *		injections will have owner == NULL.
 *
 * The VGIC is not concerned with devices being active-LOW or active-HIGH for
 * level-sensitive interrupts. You can think of the level parameter as 1
 * being HIGH and 0 being LOW and all devices being active-HIGH.
 */
int kvm_vgic_inject_irq(struct kvm *kvm, int cpuid, unsigned int intid,
			bool level, void *owner)
{
	struct kvm_vcpu *vcpu;
	struct vgic_irq *irq;
	unsigned long flags;
	int ret;

	trace_vgic_update_irq_pending(cpuid, intid, level);

	ret = vgic_lazy_init(kvm);
	if (ret)
		return ret;

	vcpu = kvm_get_vcpu(kvm, cpuid);
	if (!vcpu && intid < VGIC_NR_PRIVATE_IRQS)
		return -EINVAL;

	irq = vgic_get_irq(kvm, vcpu, intid);
	if (!irq)
		return -EINVAL;

	raw_spin_lock_irqsave(&irq->irq_lock, flags);

	if (!vgic_validate_injection(irq, level, owner)) {
		/* Nothing to see here, move along... */
		raw_spin_unlock_irqrestore(&irq->irq_lock, flags);
		vgic_put_irq(kvm, irq);
		return 0;
	}

	if (irq->config == VGIC_CONFIG_LEVEL)
		irq->line_level = level;
	else
		irq->pending_latch = true;

	vgic_queue_irq_unlock(kvm, irq, flags);
	vgic_put_irq(kvm, irq);

	return 0;
}
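
/*
 * Illustrative sketch, not part of the original file: how an in-kernel
 * device model might drive an interrupt line through kvm_vgic_inject_irq().
 * The helper name is hypothetical; for a private interrupt the cpuid would
 * have to identify the target VCPU instead of being 0.
 */
static void __maybe_unused vgic_example_set_line(struct kvm *kvm,
						 unsigned int intid,
						 bool raised, void *owner)
{
	/*
	 * For level-sensitive IRQs @raised tracks the line state; for
	 * edge-triggered IRQs only raised == true has an effect.
	 */
	WARN_ON(kvm_vgic_inject_irq(kvm, 0, intid, raised, owner));
}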

/* @irq->irq_lock must be held */
static int kvm_vgic_map_irq(struct kvm_vcpu *vcpu, struct vgic_irq *irq,
			    unsigned int host_irq,
			    bool (*get_input_level)(int vintid))
{
	struct irq_desc *desc;
	struct irq_data *data;

	/*
	 * Find the physical IRQ number corresponding to @host_irq
	 */
	desc = irq_to_desc(host_irq);
	if (!desc) {
		kvm_err("%s: no interrupt descriptor\n", __func__);
		return -EINVAL;
	}
	data = irq_desc_get_irq_data(desc);
	while (data->parent_data)
		data = data->parent_data;

	irq->hw = true;
	irq->host_irq = host_irq;
	irq->hwintid = data->hwirq;
	irq->get_input_level = get_input_level;
	return 0;
}

/* @irq->irq_lock must be held */
static inline void kvm_vgic_unmap_irq(struct vgic_irq *irq)
{
	irq->hw = false;
	irq->hwintid = 0;
	irq->get_input_level = NULL;
}

int kvm_vgic_map_phys_irq(struct kvm_vcpu *vcpu, unsigned int host_irq,
			  u32 vintid, bool (*get_input_level)(int vintid))
{
	struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, vintid);
	unsigned long flags;
	int ret;

	BUG_ON(!irq);

	raw_spin_lock_irqsave(&irq->irq_lock, flags);
	ret = kvm_vgic_map_irq(vcpu, irq, host_irq, get_input_level);
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);
	vgic_put_irq(vcpu->kvm, irq);

	return ret;
}

/**
 * kvm_vgic_reset_mapped_irq - Reset a mapped IRQ
 * @vcpu: The VCPU pointer
 * @vintid: The INTID of the interrupt
 *
 * Reset the active and pending states of a mapped interrupt. Kernel
 * subsystems injecting mapped interrupts should reset their interrupt lines
 * when we are doing a reset of the VM.
 */
void kvm_vgic_reset_mapped_irq(struct kvm_vcpu *vcpu, u32 vintid)
{
	struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, vintid);
	unsigned long flags;

	if (!irq->hw)
		goto out;

	raw_spin_lock_irqsave(&irq->irq_lock, flags);
	irq->active = false;
	irq->pending_latch = false;
	irq->line_level = false;
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);
out:
	vgic_put_irq(vcpu->kvm, irq);
}

int kvm_vgic_unmap_phys_irq(struct kvm_vcpu *vcpu, unsigned int vintid)
{
	struct vgic_irq *irq;
	unsigned long flags;

	if (!vgic_initialized(vcpu->kvm))
		return -EAGAIN;

	irq = vgic_get_irq(vcpu->kvm, vcpu, vintid);
	BUG_ON(!irq);

	raw_spin_lock_irqsave(&irq->irq_lock, flags);
	kvm_vgic_unmap_irq(irq);
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);
	vgic_put_irq(vcpu->kvm, irq);

	return 0;
}
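
/*
 * Illustrative sketch, not part of the original file: the map/unmap pair
 * that brackets the lifetime of a forwarded interrupt (as e.g. the arch
 * timer uses it), compressed into one hypothetical helper for illustration.
 */
static int __maybe_unused vgic_example_forward_irq(struct kvm_vcpu *vcpu,
						   unsigned int host_irq,
						   u32 vintid,
						   bool (*get_level)(int vintid))
{
	int ret;

	/* Tie the virtual INTID to the underlying physical interrupt. */
	ret = kvm_vgic_map_phys_irq(vcpu, host_irq, vintid, get_level);
	if (ret)
		return ret;

	/* ... the interrupt is forwarded while the device is live ... */

	/* Undo the mapping again, e.g. on device teardown. */
	return kvm_vgic_unmap_phys_irq(vcpu, vintid);
}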

/**
 * kvm_vgic_set_owner - Set the owner of an interrupt for a VM
 *
 * @vcpu:	Pointer to the VCPU (used for PPIs)
 * @intid:	The virtual INTID identifying the interrupt (PPI or SPI)
 * @owner:	Opaque pointer to the owner
 *
 * Returns 0 if intid is not already used by another in-kernel device and the
 * owner is set, otherwise returns an error code.
 */
int kvm_vgic_set_owner(struct kvm_vcpu *vcpu, unsigned int intid, void *owner)
{
	struct vgic_irq *irq;
	unsigned long flags;
	int ret = 0;

	if (!vgic_initialized(vcpu->kvm))
		return -EAGAIN;

	/* SGIs and LPIs cannot be wired up to any device */
	if (!irq_is_ppi(intid) && !vgic_valid_spi(vcpu->kvm, intid))
		return -EINVAL;

	irq = vgic_get_irq(vcpu->kvm, vcpu, intid);
	raw_spin_lock_irqsave(&irq->irq_lock, flags);
	if (irq->owner && irq->owner != owner)
		ret = -EEXIST;
	else
		irq->owner = owner;
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);

	return ret;
}
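
/*
 * Illustrative sketch, not part of the original file: claiming a private
 * interrupt for an in-kernel device and then injecting it with the matching
 * owner token, roughly as the timer/PMU emulation does. The helper name and
 * INTID handling are hypothetical.
 */
static int __maybe_unused vgic_example_claim_and_raise(struct kvm_vcpu *vcpu,
							unsigned int intid,
							void *owner)
{
	int ret;

	/* Fails with -EEXIST if another device already owns this INTID. */
	ret = kvm_vgic_set_owner(vcpu, intid, owner);
	if (ret)
		return ret;

	/* Injections must now present the same owner token. */
	return kvm_vgic_inject_irq(vcpu->kvm, vcpu->vcpu_id, intid, true, owner);
}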

/**
 * vgic_prune_ap_list - Remove non-relevant interrupts from the list
 *
 * @vcpu: The VCPU pointer
 *
 * Go over the list of "interesting" interrupts, and prune those that we
 * won't have to consider in the near future.
 */
static void vgic_prune_ap_list(struct kvm_vcpu *vcpu)
{
	struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
	struct vgic_irq *irq, *tmp;

	DEBUG_SPINLOCK_BUG_ON(!irqs_disabled());

retry:
	raw_spin_lock(&vgic_cpu->ap_list_lock);

	list_for_each_entry_safe(irq, tmp, &vgic_cpu->ap_list_head, ap_list) {
		struct kvm_vcpu *target_vcpu, *vcpuA, *vcpuB;
		bool target_vcpu_needs_kick = false;

		raw_spin_lock(&irq->irq_lock);

		BUG_ON(vcpu != irq->vcpu);

		target_vcpu = vgic_target_oracle(irq);

		if (!target_vcpu) {
			/*
			 * We don't need to process this interrupt any
			 * further, move it off the list.
			 */
			list_del(&irq->ap_list);
			irq->vcpu = NULL;
			raw_spin_unlock(&irq->irq_lock);

			/*
			 * This vgic_put_irq call matches the
			 * vgic_get_irq_kref in vgic_queue_irq_unlock,
			 * where we added the LPI to the ap_list. As
			 * we remove the irq from the list, we also
			 * drop the refcount.
			 */
			vgic_put_irq(vcpu->kvm, irq);
			continue;
		}

		if (target_vcpu == vcpu) {
			/* We're on the right CPU */
			raw_spin_unlock(&irq->irq_lock);
			continue;
		}

		/* This interrupt looks like it has to be migrated. */

		raw_spin_unlock(&irq->irq_lock);
		raw_spin_unlock(&vgic_cpu->ap_list_lock);

		/*
		 * Ensure locking order by always locking the smallest
		 * ID first.
		 */
		if (vcpu->vcpu_id < target_vcpu->vcpu_id) {
			vcpuA = vcpu;
			vcpuB = target_vcpu;
		} else {
			vcpuA = target_vcpu;
			vcpuB = vcpu;
		}

		raw_spin_lock(&vcpuA->arch.vgic_cpu.ap_list_lock);
		raw_spin_lock_nested(&vcpuB->arch.vgic_cpu.ap_list_lock,
				     SINGLE_DEPTH_NESTING);
		raw_spin_lock(&irq->irq_lock);

		/*
		 * If the affinity has been preserved, move the
		 * interrupt around. Otherwise, it means things have
		 * changed while the interrupt was unlocked, and we
		 * need to replay this.
		 *
		 * In all cases, we cannot trust the list not to have
		 * changed, so we restart from the beginning.
		 */
		if (target_vcpu == vgic_target_oracle(irq)) {
			struct vgic_cpu *new_cpu = &target_vcpu->arch.vgic_cpu;

			list_del(&irq->ap_list);
			irq->vcpu = target_vcpu;
			list_add_tail(&irq->ap_list, &new_cpu->ap_list_head);
			target_vcpu_needs_kick = true;
		}

		raw_spin_unlock(&irq->irq_lock);
		raw_spin_unlock(&vcpuB->arch.vgic_cpu.ap_list_lock);
		raw_spin_unlock(&vcpuA->arch.vgic_cpu.ap_list_lock);

		if (target_vcpu_needs_kick) {
			kvm_make_request(KVM_REQ_IRQ_PENDING, target_vcpu);
			kvm_vcpu_kick(target_vcpu);
		}

		goto retry;
	}

	raw_spin_unlock(&vgic_cpu->ap_list_lock);
}

static inline void vgic_fold_lr_state(struct kvm_vcpu *vcpu)
{
	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_fold_lr_state(vcpu);
	else
		vgic_v3_fold_lr_state(vcpu);
}

/* Requires the irq_lock to be held. */
static inline void vgic_populate_lr(struct kvm_vcpu *vcpu,
				    struct vgic_irq *irq, int lr)
{
	lockdep_assert_held(&irq->irq_lock);

	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_populate_lr(vcpu, irq, lr);
	else
		vgic_v3_populate_lr(vcpu, irq, lr);
}

static inline void vgic_clear_lr(struct kvm_vcpu *vcpu, int lr)
{
	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_clear_lr(vcpu, lr);
	else
		vgic_v3_clear_lr(vcpu, lr);
}

static inline void vgic_set_underflow(struct kvm_vcpu *vcpu)
{
	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_set_underflow(vcpu);
	else
		vgic_v3_set_underflow(vcpu);
}

/* Requires the ap_list_lock to be held. */
static int compute_ap_list_depth(struct kvm_vcpu *vcpu,
				 bool *multi_sgi)
{
	struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
	struct vgic_irq *irq;
	int count = 0;

	*multi_sgi = false;

	lockdep_assert_held(&vgic_cpu->ap_list_lock);

	list_for_each_entry(irq, &vgic_cpu->ap_list_head, ap_list) {
		int w;

		raw_spin_lock(&irq->irq_lock);
		/* GICv2 SGIs can count for more than one... */
		w = vgic_irq_get_lr_count(irq);
		raw_spin_unlock(&irq->irq_lock);

		count += w;
		*multi_sgi |= (w > 1);
	}
	return count;
}

/* Requires the VCPU's ap_list_lock to be held. */
static void vgic_flush_lr_state(struct kvm_vcpu *vcpu)
{
	struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
	struct vgic_irq *irq;
	int count;
	bool multi_sgi;
	u8 prio = 0xff;
	int i = 0;

	lockdep_assert_held(&vgic_cpu->ap_list_lock);

	count = compute_ap_list_depth(vcpu, &multi_sgi);
	if (count > kvm_vgic_global_state.nr_lr || multi_sgi)
		vgic_sort_ap_list(vcpu);

	count = 0;

	list_for_each_entry(irq, &vgic_cpu->ap_list_head, ap_list) {
		raw_spin_lock(&irq->irq_lock);

		/*
		 * If we have multi-SGIs in the pipeline, we need to
		 * guarantee that they are all seen before any IRQ of
		 * lower priority. In that case, we need to filter out
		 * these interrupts by exiting early. This is easy as
		 * the AP list has been sorted already.
		 */
		if (multi_sgi && irq->priority > prio) {
			raw_spin_unlock(&irq->irq_lock);
			break;
		}

		if (likely(vgic_target_oracle(irq) == vcpu)) {
			vgic_populate_lr(vcpu, irq, count++);

			if (irq->source)
				prio = irq->priority;
		}

		raw_spin_unlock(&irq->irq_lock);

		if (count == kvm_vgic_global_state.nr_lr) {
			if (!list_is_last(&irq->ap_list,
					  &vgic_cpu->ap_list_head))
				vgic_set_underflow(vcpu);
			break;
		}
	}

	/* Nuke remaining LRs */
	for (i = count ; i < kvm_vgic_global_state.nr_lr; i++)
		vgic_clear_lr(vcpu, i);

	if (!static_branch_unlikely(&kvm_vgic_global_state.gicv3_cpuif))
		vcpu->arch.vgic_cpu.vgic_v2.used_lrs = count;
	else
		vcpu->arch.vgic_cpu.vgic_v3.used_lrs = count;
}

static inline bool can_access_vgic_from_kernel(void)
{
	/*
	 * GICv2 can always be accessed from the kernel because it is
	 * memory-mapped, and VHE systems can access GICv3 EL2 system
	 * registers.
	 */
	return !static_branch_unlikely(&kvm_vgic_global_state.gicv3_cpuif) || has_vhe();
}

static inline void vgic_save_state(struct kvm_vcpu *vcpu)
{
	if (!static_branch_unlikely(&kvm_vgic_global_state.gicv3_cpuif))
		vgic_v2_save_state(vcpu);
	else
		__vgic_v3_save_state(&vcpu->arch.vgic_cpu.vgic_v3);
}

/* Sync back the hardware VGIC state into our emulation after a guest's run. */
void kvm_vgic_sync_hwstate(struct kvm_vcpu *vcpu)
{
	int used_lrs;

	/* An empty ap_list_head implies used_lrs == 0 */
	if (list_empty(&vcpu->arch.vgic_cpu.ap_list_head))
		return;

	if (can_access_vgic_from_kernel())
		vgic_save_state(vcpu);

	if (!static_branch_unlikely(&kvm_vgic_global_state.gicv3_cpuif))
		used_lrs = vcpu->arch.vgic_cpu.vgic_v2.used_lrs;
	else
		used_lrs = vcpu->arch.vgic_cpu.vgic_v3.used_lrs;

	if (used_lrs)
		vgic_fold_lr_state(vcpu);
	vgic_prune_ap_list(vcpu);
}

static inline void vgic_restore_state(struct kvm_vcpu *vcpu)
{
	if (!static_branch_unlikely(&kvm_vgic_global_state.gicv3_cpuif))
		vgic_v2_restore_state(vcpu);
	else
		__vgic_v3_restore_state(&vcpu->arch.vgic_cpu.vgic_v3);
}

/* Flush our emulation state into the GIC hardware before entering the guest. */
void kvm_vgic_flush_hwstate(struct kvm_vcpu *vcpu)
{
	/*
	 * If there are no virtual interrupts active or pending for this
	 * VCPU, then there is no work to do and we can bail out without
	 * taking any lock. There is a potential race with someone injecting
	 * interrupts to the VCPU, but it is a benign race as the VCPU will
	 * either observe the new interrupt before or after doing this check,
	 * and introducing additional synchronization mechanism doesn't change
	 * this.
	 *
	 * Note that we still need to go through the whole thing if anything
	 * can be directly injected (GICv4).
	 */
	if (list_empty(&vcpu->arch.vgic_cpu.ap_list_head) &&
	    !vgic_supports_direct_msis(vcpu->kvm))
		return;

	DEBUG_SPINLOCK_BUG_ON(!irqs_disabled());

	if (!list_empty(&vcpu->arch.vgic_cpu.ap_list_head)) {
		raw_spin_lock(&vcpu->arch.vgic_cpu.ap_list_lock);
		vgic_flush_lr_state(vcpu);
		raw_spin_unlock(&vcpu->arch.vgic_cpu.ap_list_lock);
	}

	if (can_access_vgic_from_kernel())
		vgic_restore_state(vcpu);

	if (vgic_supports_direct_msis(vcpu->kvm))
		vgic_v4_commit(vcpu);
}

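/*
 * Load this VCPU's GIC CPU interface state onto the hardware when the VCPU
 * is scheduled in; kvm_vgic_put() saves it again when it is scheduled out.
 */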
void kvm_vgic_load(struct kvm_vcpu *vcpu)
{
	if (unlikely(!vgic_initialized(vcpu->kvm)))
		return;

	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_load(vcpu);
	else
		vgic_v3_load(vcpu);
}

void kvm_vgic_put(struct kvm_vcpu *vcpu)
{
	if (unlikely(!vgic_initialized(vcpu->kvm)))
		return;

	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_put(vcpu);
	else
		vgic_v3_put(vcpu);
}

void kvm_vgic_vmcr_sync(struct kvm_vcpu *vcpu)
{
	if (unlikely(!irqchip_in_kernel(vcpu->kvm)))
		return;

	if (kvm_vgic_global_state.type == VGIC_V2)
		vgic_v2_vmcr_sync(vcpu);
	else
		vgic_v3_vmcr_sync(vcpu);
}

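/*
 * Return true if this VCPU has an interrupt that could fire: one that is
 * pending, enabled, not active, and of high enough priority to pass the PMR.
 */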
int kvm_vgic_vcpu_pending_irq(struct kvm_vcpu *vcpu)
{
	struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
	struct vgic_irq *irq;
	bool pending = false;
	unsigned long flags;
	struct vgic_vmcr vmcr;

	if (!vcpu->kvm->arch.vgic.enabled)
		return false;

	if (vcpu->arch.vgic_cpu.vgic_v3.its_vpe.pending_last)
		return true;

	vgic_get_vmcr(vcpu, &vmcr);

	raw_spin_lock_irqsave(&vgic_cpu->ap_list_lock, flags);

	list_for_each_entry(irq, &vgic_cpu->ap_list_head, ap_list) {
		raw_spin_lock(&irq->irq_lock);
		pending = irq_is_pending(irq) && irq->enabled &&
			  !irq->active &&
			  irq->priority < vmcr.pmr;
		raw_spin_unlock(&irq->irq_lock);

		if (pending)
			break;
	}

	raw_spin_unlock_irqrestore(&vgic_cpu->ap_list_lock, flags);

	return pending;
}

void vgic_kick_vcpus(struct kvm *kvm)
{
	struct kvm_vcpu *vcpu;
	int c;

	/*
	 * We've injected an interrupt, time to find out who deserves
	 * a good kick...
	 */
	kvm_for_each_vcpu(c, vcpu, kvm) {
		if (kvm_vgic_vcpu_pending_irq(vcpu)) {
			kvm_make_request(KVM_REQ_IRQ_PENDING, vcpu);
			kvm_vcpu_kick(vcpu);
		}
	}
}

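/*
 * Return true if the virtual interrupt @vintid is mapped to a physical
 * interrupt and is currently marked active.
 */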
bool kvm_vgic_map_is_active(struct kvm_vcpu *vcpu, unsigned int vintid)
{
	struct vgic_irq *irq;
	bool map_is_active;
	unsigned long flags;

	if (!vgic_initialized(vcpu->kvm))
		return false;

	irq = vgic_get_irq(vcpu->kvm, vcpu, vintid);
	raw_spin_lock_irqsave(&irq->irq_lock, flags);
	map_is_active = irq->hw && irq->active;
	raw_spin_unlock_irqrestore(&irq->irq_lock, flags);
	vgic_put_irq(vcpu->kvm, irq);

	return map_is_active;
}