[qemu.git] / target-s390x / ioinst.c

/*
 * I/O instructions for S/390
 *
 * Copyright 2012 IBM Corp.
 * Author(s): Cornelia Huck <cornelia.huck@de.ibm.com>
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or (at
 * your option) any later version. See the COPYING file in the top-level
 * directory.
 */

#include <sys/types.h>

#include "cpu.h"
#include "ioinst.h"
#include "trace.h"

int ioinst_disassemble_sch_ident(uint32_t value, int *m, int *cssid, int *ssid,
                                 int *schid)
{
    if (!IOINST_SCHID_ONE(value)) {
        return -EINVAL;
    }
    if (!IOINST_SCHID_M(value)) {
        if (IOINST_SCHID_CSSID(value)) {
            return -EINVAL;
        }
        *cssid = 0;
        *m = 0;
    } else {
        *cssid = IOINST_SCHID_CSSID(value);
        *m = 1;
    }
    *ssid = IOINST_SCHID_SSID(value);
    *schid = IOINST_SCHID_NR(value);
    return 0;
}

void ioinst_handle_xsch(S390CPU *cpu, uint64_t reg1)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    int ret = -ENODEV;
    int cc;

    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
        program_interrupt(&cpu->env, PGM_OPERAND, 2);
        return;
    }
    trace_ioinst_sch_id("xsch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_xsch(sch);
    }
    switch (ret) {
    case -ENODEV:
        cc = 3;
        break;
    case -EBUSY:
        cc = 2;
        break;
    case 0:
        cc = 0;
        break;
    default:
        cc = 1;
        break;
    }
    setcc(cpu, cc);
}

void ioinst_handle_csch(S390CPU *cpu, uint64_t reg1)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    int ret = -ENODEV;
    int cc;

    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
        program_interrupt(&cpu->env, PGM_OPERAND, 2);
        return;
    }
    trace_ioinst_sch_id("csch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_csch(sch);
    }
    if (ret == -ENODEV) {
        cc = 3;
    } else {
        cc = 0;
    }
    setcc(cpu, cc);
}

void ioinst_handle_hsch(S390CPU *cpu, uint64_t reg1)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    int ret = -ENODEV;
    int cc;

    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
        program_interrupt(&cpu->env, PGM_OPERAND, 2);
        return;
    }
    trace_ioinst_sch_id("hsch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_hsch(sch);
    }
    switch (ret) {
    case -ENODEV:
        cc = 3;
        break;
    case -EBUSY:
        cc = 2;
        break;
    case 0:
        cc = 0;
        break;
    default:
        cc = 1;
        break;
    }
    setcc(cpu, cc);
}

static int ioinst_schib_valid(SCHIB *schib)
{
    if ((schib->pmcw.flags & PMCW_FLAGS_MASK_INVALID) ||
        (schib->pmcw.chars & PMCW_CHARS_MASK_INVALID)) {
        return 0;
    }
    /* Disallow extended measurements for now. */
    if (schib->pmcw.chars & PMCW_CHARS_MASK_XMWME) {
        return 0;
    }
    return 1;
}

void ioinst_handle_msch(S390CPU *cpu, uint64_t reg1, uint32_t ipb)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    SCHIB *schib;
    uint64_t addr;
    int ret = -ENODEV;
    int cc;
    hwaddr len = sizeof(*schib);
    CPUS390XState *env = &cpu->env;

    addr = decode_basedisp_s(env, ipb);
    if (addr & 3) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return;
    }
    schib = s390_cpu_physical_memory_map(env, addr, &len, 0);
    if (!schib || len != sizeof(*schib)) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        goto out;
    }
    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid) ||
        !ioinst_schib_valid(schib)) {
        program_interrupt(env, PGM_OPERAND, 2);
        goto out;
    }
    trace_ioinst_sch_id("msch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_msch(sch, schib);
    }
    switch (ret) {
    case -ENODEV:
        cc = 3;
        break;
    case -EBUSY:
        cc = 2;
        break;
    case 0:
        cc = 0;
        break;
    default:
        cc = 1;
        break;
    }
    setcc(cpu, cc);

out:
    s390_cpu_physical_memory_unmap(env, schib, len, 0);
}

static void copy_orb_from_guest(ORB *dest, const ORB *src)
{
    dest->intparm = be32_to_cpu(src->intparm);
    dest->ctrl0 = be16_to_cpu(src->ctrl0);
    dest->lpm = src->lpm;
    dest->ctrl1 = src->ctrl1;
    dest->cpa = be32_to_cpu(src->cpa);
}

static int ioinst_orb_valid(ORB *orb)
{
    if ((orb->ctrl0 & ORB_CTRL0_MASK_INVALID) ||
        (orb->ctrl1 & ORB_CTRL1_MASK_INVALID)) {
        return 0;
    }
    if ((orb->cpa & HIGH_ORDER_BIT) != 0) {
        return 0;
    }
    return 1;
}

void ioinst_handle_ssch(S390CPU *cpu, uint64_t reg1, uint32_t ipb)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    ORB *orig_orb, orb;
    uint64_t addr;
    int ret = -ENODEV;
    int cc;
    hwaddr len = sizeof(*orig_orb);
    CPUS390XState *env = &cpu->env;

    addr = decode_basedisp_s(env, ipb);
    if (addr & 3) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return;
    }
    orig_orb = s390_cpu_physical_memory_map(env, addr, &len, 0);
    if (!orig_orb || len != sizeof(*orig_orb)) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        goto out;
    }
    copy_orb_from_guest(&orb, orig_orb);
    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid) ||
        !ioinst_orb_valid(&orb)) {
        program_interrupt(env, PGM_OPERAND, 2);
        goto out;
    }
    trace_ioinst_sch_id("ssch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_ssch(sch, &orb);
    }
    switch (ret) {
    case -ENODEV:
        cc = 3;
        break;
    case -EBUSY:
        cc = 2;
        break;
    case 0:
        cc = 0;
        break;
    default:
        cc = 1;
        break;
    }
    setcc(cpu, cc);

out:
    s390_cpu_physical_memory_unmap(env, orig_orb, len, 0);
}

void ioinst_handle_stcrw(S390CPU *cpu, uint32_t ipb)
{
    CRW *crw;
    uint64_t addr;
    int cc;
    hwaddr len = sizeof(*crw);
    CPUS390XState *env = &cpu->env;

    addr = decode_basedisp_s(env, ipb);
    if (addr & 3) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return;
    }
    crw = s390_cpu_physical_memory_map(env, addr, &len, 1);
    if (!crw || len != sizeof(*crw)) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        goto out;
    }
    cc = css_do_stcrw(crw);
    /* 0 - crw stored, 1 - zeroes stored */
    setcc(cpu, cc);

out:
    s390_cpu_physical_memory_unmap(env, crw, len, 1);
}

void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    uint64_t addr;
    int cc;
    SCHIB *schib;
    hwaddr len = sizeof(*schib);
    CPUS390XState *env = &cpu->env;

    addr = decode_basedisp_s(env, ipb);
    if (addr & 3) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return;
    }
    schib = s390_cpu_physical_memory_map(env, addr, &len, 1);
    if (!schib || len != sizeof(*schib)) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        goto out;
    }

    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
        program_interrupt(env, PGM_OPERAND, 2);
        goto out;
    }
    trace_ioinst_sch_id("stsch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch) {
        if (css_subch_visible(sch)) {
            css_do_stsch(sch, schib);
            cc = 0;
        } else {
            /* Indicate no more subchannels in this css/ss */
            cc = 3;
        }
    } else {
        if (css_schid_final(m, cssid, ssid, schid)) {
            cc = 3; /* No more subchannels in this css/ss */
        } else {
            /* Store an empty schib. */
            memset(schib, 0, sizeof(*schib));
            cc = 0;
        }
    }
    setcc(cpu, cc);

out:
    s390_cpu_physical_memory_unmap(env, schib, len, 1);
}

int ioinst_handle_tsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    IRB *irb;
    uint64_t addr;
    int ret = -ENODEV;
    int cc;
    hwaddr len = sizeof(*irb);

    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
        program_interrupt(env, PGM_OPERAND, 2);
        return -EIO;
    }
    trace_ioinst_sch_id("tsch", cssid, ssid, schid);
    addr = decode_basedisp_s(env, ipb);
    if (addr & 3) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return -EIO;
    }
    irb = s390_cpu_physical_memory_map(env, addr, &len, 1);
    if (!irb || len != sizeof(*irb)) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        cc = -EIO;
        goto out;
    }
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_tsch(sch, irb);
        /* 0 - status pending, 1 - not status pending */
        cc = ret;
    } else {
        cc = 3;
    }
out:
    s390_cpu_physical_memory_unmap(env, irb, sizeof(*irb), 1);
    return cc;
}

typedef struct ChscReq {
    uint16_t len;
    uint16_t command;
    uint32_t param0;
    uint32_t param1;
    uint32_t param2;
} QEMU_PACKED ChscReq;

typedef struct ChscResp {
    uint16_t len;
    uint16_t code;
    uint32_t param;
    char data[0];
} QEMU_PACKED ChscResp;

#define CHSC_MIN_RESP_LEN 0x0008

#define CHSC_SCPD 0x0002
#define CHSC_SCSC 0x0010
#define CHSC_SDA  0x0031

#define CHSC_SCPD_0_M 0x20000000
#define CHSC_SCPD_0_C 0x10000000
#define CHSC_SCPD_0_FMT 0x0f000000
#define CHSC_SCPD_0_CSSID 0x00ff0000
#define CHSC_SCPD_0_RFMT 0x00000f00
#define CHSC_SCPD_0_RES 0xc000f000
#define CHSC_SCPD_1_RES 0xffffff00
#define CHSC_SCPD_01_CHPID 0x000000ff
static void ioinst_handle_chsc_scpd(ChscReq *req, ChscResp *res)
{
    uint16_t len = be16_to_cpu(req->len);
    uint32_t param0 = be32_to_cpu(req->param0);
    uint32_t param1 = be32_to_cpu(req->param1);
    uint16_t resp_code;
    int rfmt;
    uint16_t cssid;
    uint8_t f_chpid, l_chpid;
    int desc_size;
    int m;

    rfmt = (param0 & CHSC_SCPD_0_RFMT) >> 8;
    if ((rfmt == 0) ||  (rfmt == 1)) {
        rfmt = !!(param0 & CHSC_SCPD_0_C);
    }
    if ((len != 0x0010) || (param0 & CHSC_SCPD_0_RES) ||
        (param1 & CHSC_SCPD_1_RES) || req->param2) {
        resp_code = 0x0003;
        goto out_err;
    }
    if (param0 & CHSC_SCPD_0_FMT) {
        resp_code = 0x0007;
        goto out_err;
    }
    cssid = (param0 & CHSC_SCPD_0_CSSID) >> 16;
    m = param0 & CHSC_SCPD_0_M;
    if (cssid != 0) {
        if (!m || !css_present(cssid)) {
            resp_code = 0x0008;
            goto out_err;
        }
    }
    f_chpid = param0 & CHSC_SCPD_01_CHPID;
    l_chpid = param1 & CHSC_SCPD_01_CHPID;
    if (l_chpid < f_chpid) {
        resp_code = 0x0003;
        goto out_err;
    }
    /* css_collect_chp_desc() is endian-aware */
    desc_size = css_collect_chp_desc(m, cssid, f_chpid, l_chpid, rfmt,
                                     &res->data);
    res->code = cpu_to_be16(0x0001);
    res->len = cpu_to_be16(8 + desc_size);
    res->param = cpu_to_be32(rfmt);
    return;

  out_err:
    res->code = cpu_to_be16(resp_code);
    res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
    res->param = cpu_to_be32(rfmt);
}

#define CHSC_SCSC_0_M 0x20000000
#define CHSC_SCSC_0_FMT 0x000f0000
#define CHSC_SCSC_0_CSSID 0x0000ff00
#define CHSC_SCSC_0_RES 0xdff000ff
static void ioinst_handle_chsc_scsc(ChscReq *req, ChscResp *res)
{
    uint16_t len = be16_to_cpu(req->len);
    uint32_t param0 = be32_to_cpu(req->param0);
    uint8_t cssid;
    uint16_t resp_code;
    uint32_t general_chars[510];
    uint32_t chsc_chars[508];

    if (len != 0x0010) {
        resp_code = 0x0003;
        goto out_err;
    }

    if (param0 & CHSC_SCSC_0_FMT) {
        resp_code = 0x0007;
        goto out_err;
    }
    cssid = (param0 & CHSC_SCSC_0_CSSID) >> 8;
    if (cssid != 0) {
        if (!(param0 & CHSC_SCSC_0_M) || !css_present(cssid)) {
            resp_code = 0x0008;
            goto out_err;
        }
    }
    if ((param0 & CHSC_SCSC_0_RES) || req->param1 || req->param2) {
        resp_code = 0x0003;
        goto out_err;
    }
    res->code = cpu_to_be16(0x0001);
    res->len = cpu_to_be16(4080);
    res->param = 0;

    memset(general_chars, 0, sizeof(general_chars));
    memset(chsc_chars, 0, sizeof(chsc_chars));

    general_chars[0] = cpu_to_be32(0x03000000);
    general_chars[1] = cpu_to_be32(0x00059000);

    chsc_chars[0] = cpu_to_be32(0x40000000);
    chsc_chars[3] = cpu_to_be32(0x00040000);

    memcpy(res->data, general_chars, sizeof(general_chars));
    memcpy(res->data + sizeof(general_chars), chsc_chars, sizeof(chsc_chars));
    return;

  out_err:
    res->code = cpu_to_be16(resp_code);
    res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
    res->param = 0;
}

#define CHSC_SDA_0_FMT 0x0f000000
#define CHSC_SDA_0_OC 0x0000ffff
#define CHSC_SDA_0_RES 0xf0ff0000
#define CHSC_SDA_OC_MCSSE 0x0
#define CHSC_SDA_OC_MSS 0x2
static void ioinst_handle_chsc_sda(ChscReq *req, ChscResp *res)
{
    uint16_t resp_code = 0x0001;
    uint16_t len = be16_to_cpu(req->len);
    uint32_t param0 = be32_to_cpu(req->param0);
    uint16_t oc;
    int ret;

    if ((len != 0x0400) || (param0 & CHSC_SDA_0_RES)) {
        resp_code = 0x0003;
        goto out;
    }

    if (param0 & CHSC_SDA_0_FMT) {
        resp_code = 0x0007;
        goto out;
    }

    oc = param0 & CHSC_SDA_0_OC;
    switch (oc) {
    case CHSC_SDA_OC_MCSSE:
        ret = css_enable_mcsse();
        if (ret == -EINVAL) {
            resp_code = 0x0101;
            goto out;
        }
        break;
    case CHSC_SDA_OC_MSS:
        ret = css_enable_mss();
        if (ret == -EINVAL) {
            resp_code = 0x0101;
            goto out;
        }
        break;
    default:
        resp_code = 0x0003;
        goto out;
    }

out:
    res->code = cpu_to_be16(resp_code);
    res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
    res->param = 0;
}

static void ioinst_handle_chsc_unimplemented(ChscResp *res)
{
    res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
    res->code = cpu_to_be16(0x0004);
    res->param = 0;
}

void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb)
{
    ChscReq *req;
    ChscResp *res;
    uint64_t addr;
    int reg;
    uint16_t len;
    uint16_t command;
    hwaddr map_size = TARGET_PAGE_SIZE;
    CPUS390XState *env = &cpu->env;

    trace_ioinst("chsc");
    reg = (ipb >> 20) & 0x00f;
    addr = env->regs[reg];
    /* Page boundary? */
    if (addr & 0xfff) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return;
    }
    req = s390_cpu_physical_memory_map(env, addr, &map_size, 1);
    if (!req || map_size != TARGET_PAGE_SIZE) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        goto out;
    }
    len = be16_to_cpu(req->len);
    /* Length field valid? */
    if ((len < 16) || (len > 4088) || (len & 7)) {
        program_interrupt(env, PGM_OPERAND, 2);
        goto out;
    }
    memset((char *)req + len, 0, TARGET_PAGE_SIZE - len);
    res = (void *)((char *)req + len);
    command = be16_to_cpu(req->command);
    trace_ioinst_chsc_cmd(command, len);
    switch (command) {
    case CHSC_SCSC:
        ioinst_handle_chsc_scsc(req, res);
        break;
    case CHSC_SCPD:
        ioinst_handle_chsc_scpd(req, res);
        break;
    case CHSC_SDA:
        ioinst_handle_chsc_sda(req, res);
        break;
    default:
        ioinst_handle_chsc_unimplemented(res);
        break;
    }

out:
    s390_cpu_physical_memory_unmap(env, req, map_size, 1);
}

int ioinst_handle_tpi(CPUS390XState *env, uint32_t ipb)
{
    uint64_t addr;
    int lowcore;
    IOIntCode *int_code;
    hwaddr len, orig_len;
    int ret;

    trace_ioinst("tpi");
    addr = decode_basedisp_s(env, ipb);
    if (addr & 3) {
        program_interrupt(env, PGM_SPECIFICATION, 2);
        return -EIO;
    }

    lowcore = addr ? 0 : 1;
    len = lowcore ? 8 /* two words */ : 12 /* three words */;
    orig_len = len;
    int_code = s390_cpu_physical_memory_map(env, addr, &len, 1);
    if (!int_code || (len != orig_len)) {
        program_interrupt(env, PGM_ADDRESSING, 2);
        ret = -EIO;
        goto out;
    }
    ret = css_do_tpi(int_code, lowcore);
out:
    s390_cpu_physical_memory_unmap(env, int_code, len, 1);
    return ret;
}

#define SCHM_REG1_RES(_reg) (_reg & 0x000000000ffffffc)
#define SCHM_REG1_MBK(_reg) ((_reg & 0x00000000f0000000) >> 28)
#define SCHM_REG1_UPD(_reg) ((_reg & 0x0000000000000002) >> 1)
#define SCHM_REG1_DCT(_reg) (_reg & 0x0000000000000001)

void ioinst_handle_schm(S390CPU *cpu, uint64_t reg1, uint64_t reg2,
                        uint32_t ipb)
{
    uint8_t mbk;
    int update;
    int dct;
    CPUS390XState *env = &cpu->env;

    trace_ioinst("schm");

    if (SCHM_REG1_RES(reg1)) {
        program_interrupt(env, PGM_OPERAND, 2);
        return;
    }

    mbk = SCHM_REG1_MBK(reg1);
    update = SCHM_REG1_UPD(reg1);
    dct = SCHM_REG1_DCT(reg1);

    if (update && (reg2 & 0x000000000000001f)) {
        program_interrupt(env, PGM_OPERAND, 2);
        return;
    }

    css_do_schm(mbk, update, dct, update ? reg2 : 0);
}

void ioinst_handle_rsch(S390CPU *cpu, uint64_t reg1)
{
    int cssid, ssid, schid, m;
    SubchDev *sch;
    int ret = -ENODEV;
    int cc;

    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
        program_interrupt(&cpu->env, PGM_OPERAND, 2);
        return;
    }
    trace_ioinst_sch_id("rsch", cssid, ssid, schid);
    sch = css_find_subch(m, cssid, ssid, schid);
    if (sch && css_subch_visible(sch)) {
        ret = css_do_rsch(sch);
    }
    switch (ret) {
    case -ENODEV:
        cc = 3;
        break;
    case -EINVAL:
        cc = 2;
        break;
    case 0:
        cc = 0;
        break;
    default:
        cc = 1;
        break;
    }
    setcc(cpu, cc);
}

#define RCHP_REG1_RES(_reg) (_reg & 0x00000000ff00ff00)
#define RCHP_REG1_CSSID(_reg) ((_reg & 0x0000000000ff0000) >> 16)
#define RCHP_REG1_CHPID(_reg) (_reg & 0x00000000000000ff)
void ioinst_handle_rchp(S390CPU *cpu, uint64_t reg1)
{
    int cc;
    uint8_t cssid;
    uint8_t chpid;
    int ret;
    CPUS390XState *env = &cpu->env;

    if (RCHP_REG1_RES(reg1)) {
        program_interrupt(env, PGM_OPERAND, 2);
        return;
    }

    cssid = RCHP_REG1_CSSID(reg1);
    chpid = RCHP_REG1_CHPID(reg1);

    trace_ioinst_chp_id("rchp", cssid, chpid);

    ret = css_do_rchp(cssid, chpid);

    switch (ret) {
    case -ENODEV:
        cc = 3;
        break;
    case -EBUSY:
        cc = 2;
        break;
    case 0:
        cc = 0;
        break;
    default:
        /* Invalid channel subsystem. */
        program_interrupt(env, PGM_OPERAND, 2);
        return;
    }
    setcc(cpu, cc);
}

#define SAL_REG1_INVALID(_reg) (_reg & 0x0000000080000000)
void ioinst_handle_sal(S390CPU *cpu, uint64_t reg1)
{
    /* We do not provide address limit checking, so let's suppress it. */
    if (SAL_REG1_INVALID(reg1) || reg1 & 0x000000000000ffff) {
        program_interrupt(&cpu->env, PGM_OPERAND, 2);
    }
}
Commit	Line	Data
db1c8f53 CH	1	/*
	2	* I/O instructions for S/390
	3	*
	4	* Copyright 2012 IBM Corp.
	5	* Author(s): Cornelia Huck <cornelia.huck@de.ibm.com>
	6	*
	7	* This work is licensed under the terms of the GNU GPL, version 2 or (at
	8	* your option) any later version. See the COPYING file in the top-level
	9	* directory.
	10	*/
	11
	12	#include <sys/types.h>
	13
	14	#include "cpu.h"
	15	#include "ioinst.h"
7b18aad5	16	#include "trace.h"
db1c8f53 CH	17
	18	int ioinst_disassemble_sch_ident(uint32_t value, int m, int cssid, int *ssid,
	19	int *schid)
	20	{
	21	if (!IOINST_SCHID_ONE(value)) {
	22	return -EINVAL;
	23	}
	24	if (!IOINST_SCHID_M(value)) {
	25	if (IOINST_SCHID_CSSID(value)) {
	26	return -EINVAL;
	27	}
	28	*cssid = 0;
	29	*m = 0;
	30	} else {
	31	*cssid = IOINST_SCHID_CSSID(value);
	32	*m = 1;
	33	}
	34	*ssid = IOINST_SCHID_SSID(value);
	35	*schid = IOINST_SCHID_NR(value);
	36	return 0;
	37	}
7b18aad5	38
5d9bf1c0	39	void ioinst_handle_xsch(S390CPU *cpu, uint64_t reg1)
7b18aad5 CH	40	{
	41	int cssid, ssid, schid, m;
	42	SubchDev *sch;
	43	int ret = -ENODEV;
	44	int cc;
	45
	46	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
5d9bf1c0 TH	47	program_interrupt(&cpu->env, PGM_OPERAND, 2);
5d9bf1c0 TH	48	return;
7b18aad5 CH	49	}
	50	trace_ioinst_sch_id("xsch", cssid, ssid, schid);
	51	sch = css_find_subch(m, cssid, ssid, schid);
	52	if (sch && css_subch_visible(sch)) {
	53	ret = css_do_xsch(sch);
	54	}
	55	switch (ret) {
	56	case -ENODEV:
	57	cc = 3;
	58	break;
	59	case -EBUSY:
	60	cc = 2;
	61	break;
	62	case 0:
	63	cc = 0;
	64	break;
	65	default:
	66	cc = 1;
	67	break;
	68	}
5d9bf1c0	69	setcc(cpu, cc);
7b18aad5 CH	70	}
7b18aad5 CH	71
5d9bf1c0	72	void ioinst_handle_csch(S390CPU *cpu, uint64_t reg1)
7b18aad5 CH	73	{
	74	int cssid, ssid, schid, m;
	75	SubchDev *sch;
	76	int ret = -ENODEV;
	77	int cc;
	78
	79	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
5d9bf1c0 TH	80	program_interrupt(&cpu->env, PGM_OPERAND, 2);
5d9bf1c0 TH	81	return;
7b18aad5 CH	82	}
	83	trace_ioinst_sch_id("csch", cssid, ssid, schid);
	84	sch = css_find_subch(m, cssid, ssid, schid);
	85	if (sch && css_subch_visible(sch)) {
	86	ret = css_do_csch(sch);
	87	}
	88	if (ret == -ENODEV) {
	89	cc = 3;
	90	} else {
	91	cc = 0;
	92	}
5d9bf1c0	93	setcc(cpu, cc);
7b18aad5 CH	94	}
7b18aad5 CH	95
5d9bf1c0	96	void ioinst_handle_hsch(S390CPU *cpu, uint64_t reg1)
7b18aad5 CH	97	{
	98	int cssid, ssid, schid, m;
	99	SubchDev *sch;
	100	int ret = -ENODEV;
	101	int cc;
	102
	103	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
5d9bf1c0 TH	104	program_interrupt(&cpu->env, PGM_OPERAND, 2);
5d9bf1c0 TH	105	return;
7b18aad5 CH	106	}
	107	trace_ioinst_sch_id("hsch", cssid, ssid, schid);
	108	sch = css_find_subch(m, cssid, ssid, schid);
	109	if (sch && css_subch_visible(sch)) {
	110	ret = css_do_hsch(sch);
	111	}
	112	switch (ret) {
	113	case -ENODEV:
	114	cc = 3;
	115	break;
	116	case -EBUSY:
	117	cc = 2;
	118	break;
	119	case 0:
	120	cc = 0;
	121	break;
	122	default:
	123	cc = 1;
	124	break;
	125	}
5d9bf1c0	126	setcc(cpu, cc);
7b18aad5 CH	127	}
	128
	129	static int ioinst_schib_valid(SCHIB *schib)
	130	{
	131	if ((schib->pmcw.flags & PMCW_FLAGS_MASK_INVALID) \|\|
	132	(schib->pmcw.chars & PMCW_CHARS_MASK_INVALID)) {
	133	return 0;
	134	}
	135	/* Disallow extended measurements for now. */
	136	if (schib->pmcw.chars & PMCW_CHARS_MASK_XMWME) {
	137	return 0;
	138	}
	139	return 1;
	140	}
	141
5d9bf1c0	142	void ioinst_handle_msch(S390CPU *cpu, uint64_t reg1, uint32_t ipb)
7b18aad5 CH	143	{
	144	int cssid, ssid, schid, m;
	145	SubchDev *sch;
	146	SCHIB *schib;
	147	uint64_t addr;
	148	int ret = -ENODEV;
	149	int cc;
	150	hwaddr len = sizeof(*schib);
5d9bf1c0	151	CPUS390XState *env = &cpu->env;
7b18aad5	152
7b18aad5	153	addr = decode_basedisp_s(env, ipb);
61bf0dcb TH	154	if (addr & 3) {
61bf0dcb TH	155	program_interrupt(env, PGM_SPECIFICATION, 2);
5d9bf1c0	156	return;
61bf0dcb	157	}
7b18aad5 CH	158	schib = s390_cpu_physical_memory_map(env, addr, &len, 0);
7b18aad5 CH	159	if (!schib \|\| len != sizeof(*schib)) {
0056fc9e	160	program_interrupt(env, PGM_ADDRESSING, 2);
7b18aad5 CH	161	goto out;
7b18aad5 CH	162	}
71ed827a TH	163	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid) \|\|
71ed827a TH	164	!ioinst_schib_valid(schib)) {
7b18aad5	165	program_interrupt(env, PGM_OPERAND, 2);
7b18aad5 CH	166	goto out;
7b18aad5 CH	167	}
71ed827a	168	trace_ioinst_sch_id("msch", cssid, ssid, schid);
7b18aad5 CH	169	sch = css_find_subch(m, cssid, ssid, schid);
	170	if (sch && css_subch_visible(sch)) {
	171	ret = css_do_msch(sch, schib);
	172	}
	173	switch (ret) {
	174	case -ENODEV:
	175	cc = 3;
	176	break;
	177	case -EBUSY:
	178	cc = 2;
	179	break;
	180	case 0:
	181	cc = 0;
	182	break;
	183	default:
	184	cc = 1;
	185	break;
	186	}
5d9bf1c0 TH	187	setcc(cpu, cc);
5d9bf1c0 TH	188
7b18aad5 CH	189	out:
7b18aad5 CH	190	s390_cpu_physical_memory_unmap(env, schib, len, 0);
7b18aad5 CH	191	}
	192
	193	static void copy_orb_from_guest(ORB dest, const ORB src)
	194	{
	195	dest->intparm = be32_to_cpu(src->intparm);
	196	dest->ctrl0 = be16_to_cpu(src->ctrl0);
	197	dest->lpm = src->lpm;
	198	dest->ctrl1 = src->ctrl1;
	199	dest->cpa = be32_to_cpu(src->cpa);
	200	}
	201
	202	static int ioinst_orb_valid(ORB *orb)
	203	{
	204	if ((orb->ctrl0 & ORB_CTRL0_MASK_INVALID) \|\|
	205	(orb->ctrl1 & ORB_CTRL1_MASK_INVALID)) {
	206	return 0;
	207	}
	208	if ((orb->cpa & HIGH_ORDER_BIT) != 0) {
	209	return 0;
	210	}
	211	return 1;
	212	}
	213
5d9bf1c0	214	void ioinst_handle_ssch(S390CPU *cpu, uint64_t reg1, uint32_t ipb)
7b18aad5 CH	215	{
	216	int cssid, ssid, schid, m;
	217	SubchDev *sch;
	218	ORB *orig_orb, orb;
	219	uint64_t addr;
	220	int ret = -ENODEV;
	221	int cc;
	222	hwaddr len = sizeof(*orig_orb);
5d9bf1c0	223	CPUS390XState *env = &cpu->env;
7b18aad5	224
7b18aad5	225	addr = decode_basedisp_s(env, ipb);
61bf0dcb TH	226	if (addr & 3) {
61bf0dcb TH	227	program_interrupt(env, PGM_SPECIFICATION, 2);
5d9bf1c0	228	return;
61bf0dcb	229	}
7b18aad5 CH	230	orig_orb = s390_cpu_physical_memory_map(env, addr, &len, 0);
7b18aad5 CH	231	if (!orig_orb \|\| len != sizeof(*orig_orb)) {
0056fc9e	232	program_interrupt(env, PGM_ADDRESSING, 2);
7b18aad5 CH	233	goto out;
	234	}
	235	copy_orb_from_guest(&orb, orig_orb);
71ed827a TH	236	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid) \|\|
71ed827a TH	237	!ioinst_orb_valid(&orb)) {
7b18aad5	238	program_interrupt(env, PGM_OPERAND, 2);
7b18aad5 CH	239	goto out;
7b18aad5 CH	240	}
71ed827a	241	trace_ioinst_sch_id("ssch", cssid, ssid, schid);
7b18aad5 CH	242	sch = css_find_subch(m, cssid, ssid, schid);
	243	if (sch && css_subch_visible(sch)) {
	244	ret = css_do_ssch(sch, &orb);
	245	}
	246	switch (ret) {
	247	case -ENODEV:
	248	cc = 3;
	249	break;
	250	case -EBUSY:
	251	cc = 2;
	252	break;
	253	case 0:
	254	cc = 0;
	255	break;
	256	default:
	257	cc = 1;
	258	break;
	259	}
5d9bf1c0	260	setcc(cpu, cc);
7b18aad5 CH	261
	262	out:
	263	s390_cpu_physical_memory_unmap(env, orig_orb, len, 0);
7b18aad5 CH	264	}
7b18aad5 CH	265
5d9bf1c0	266	void ioinst_handle_stcrw(S390CPU *cpu, uint32_t ipb)
7b18aad5 CH	267	{
	268	CRW *crw;
	269	uint64_t addr;
	270	int cc;
	271	hwaddr len = sizeof(*crw);
5d9bf1c0	272	CPUS390XState *env = &cpu->env;
7b18aad5 CH	273
7b18aad5 CH	274	addr = decode_basedisp_s(env, ipb);
61bf0dcb TH	275	if (addr & 3) {
61bf0dcb TH	276	program_interrupt(env, PGM_SPECIFICATION, 2);
5d9bf1c0	277	return;
61bf0dcb	278	}
7b18aad5 CH	279	crw = s390_cpu_physical_memory_map(env, addr, &len, 1);
7b18aad5 CH	280	if (!crw \|\| len != sizeof(*crw)) {
0056fc9e	281	program_interrupt(env, PGM_ADDRESSING, 2);
7b18aad5 CH	282	goto out;
	283	}
	284	cc = css_do_stcrw(crw);
	285	/* 0 - crw stored, 1 - zeroes stored */
5d9bf1c0 TH	286	setcc(cpu, cc);
5d9bf1c0 TH	287
7b18aad5 CH	288	out:
7b18aad5 CH	289	s390_cpu_physical_memory_unmap(env, crw, len, 1);
7b18aad5 CH	290	}
7b18aad5 CH	291
5d9bf1c0	292	void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb)
7b18aad5 CH	293	{
	294	int cssid, ssid, schid, m;
	295	SubchDev *sch;
	296	uint64_t addr;
	297	int cc;
	298	SCHIB *schib;
	299	hwaddr len = sizeof(*schib);
5d9bf1c0	300	CPUS390XState *env = &cpu->env;
7b18aad5	301
7b18aad5	302	addr = decode_basedisp_s(env, ipb);
61bf0dcb TH	303	if (addr & 3) {
61bf0dcb TH	304	program_interrupt(env, PGM_SPECIFICATION, 2);
5d9bf1c0	305	return;
61bf0dcb	306	}
7b18aad5 CH	307	schib = s390_cpu_physical_memory_map(env, addr, &len, 1);
7b18aad5 CH	308	if (!schib \|\| len != sizeof(*schib)) {
0056fc9e	309	program_interrupt(env, PGM_ADDRESSING, 2);
7b18aad5 CH	310	goto out;
7b18aad5 CH	311	}
71ed827a TH	312
	313	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
	314	program_interrupt(env, PGM_OPERAND, 2);
71ed827a TH	315	goto out;
	316	}
	317	trace_ioinst_sch_id("stsch", cssid, ssid, schid);
7b18aad5 CH	318	sch = css_find_subch(m, cssid, ssid, schid);
	319	if (sch) {
	320	if (css_subch_visible(sch)) {
	321	css_do_stsch(sch, schib);
	322	cc = 0;
	323	} else {
	324	/* Indicate no more subchannels in this css/ss */
	325	cc = 3;
	326	}
	327	} else {
38dd7cc7	328	if (css_schid_final(m, cssid, ssid, schid)) {
7b18aad5 CH	329	cc = 3; /* No more subchannels in this css/ss */
	330	} else {
	331	/* Store an empty schib. */
	332	memset(schib, 0, sizeof(*schib));
	333	cc = 0;
	334	}
	335	}
5d9bf1c0 TH	336	setcc(cpu, cc);
5d9bf1c0 TH	337
7b18aad5 CH	338	out:
7b18aad5 CH	339	s390_cpu_physical_memory_unmap(env, schib, len, 1);
7b18aad5 CH	340	}
	341
	342	int ioinst_handle_tsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
	343	{
	344	int cssid, ssid, schid, m;
	345	SubchDev *sch;
	346	IRB *irb;
	347	uint64_t addr;
	348	int ret = -ENODEV;
	349	int cc;
	350	hwaddr len = sizeof(*irb);
	351
	352	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
	353	program_interrupt(env, PGM_OPERAND, 2);
	354	return -EIO;
	355	}
	356	trace_ioinst_sch_id("tsch", cssid, ssid, schid);
	357	addr = decode_basedisp_s(env, ipb);
61bf0dcb TH	358	if (addr & 3) {
	359	program_interrupt(env, PGM_SPECIFICATION, 2);
	360	return -EIO;
	361	}
7b18aad5 CH	362	irb = s390_cpu_physical_memory_map(env, addr, &len, 1);
7b18aad5 CH	363	if (!irb \|\| len != sizeof(*irb)) {
0056fc9e	364	program_interrupt(env, PGM_ADDRESSING, 2);
7b18aad5 CH	365	cc = -EIO;
	366	goto out;
	367	}
	368	sch = css_find_subch(m, cssid, ssid, schid);
	369	if (sch && css_subch_visible(sch)) {
	370	ret = css_do_tsch(sch, irb);
	371	/* 0 - status pending, 1 - not status pending */
	372	cc = ret;
	373	} else {
	374	cc = 3;
	375	}
	376	out:
	377	s390_cpu_physical_memory_unmap(env, irb, sizeof(*irb), 1);
	378	return cc;
	379	}
	380
	381	typedef struct ChscReq {
	382	uint16_t len;
	383	uint16_t command;
	384	uint32_t param0;
	385	uint32_t param1;
	386	uint32_t param2;
	387	} QEMU_PACKED ChscReq;
	388
	389	typedef struct ChscResp {
	390	uint16_t len;
	391	uint16_t code;
	392	uint32_t param;
	393	char data[0];
	394	} QEMU_PACKED ChscResp;
	395
	396	#define CHSC_MIN_RESP_LEN 0x0008
	397
	398	#define CHSC_SCPD 0x0002
	399	#define CHSC_SCSC 0x0010
	400	#define CHSC_SDA 0x0031
	401
	402	#define CHSC_SCPD_0_M 0x20000000
	403	#define CHSC_SCPD_0_C 0x10000000
	404	#define CHSC_SCPD_0_FMT 0x0f000000
	405	#define CHSC_SCPD_0_CSSID 0x00ff0000
	406	#define CHSC_SCPD_0_RFMT 0x00000f00
	407	#define CHSC_SCPD_0_RES 0xc000f000
	408	#define CHSC_SCPD_1_RES 0xffffff00
	409	#define CHSC_SCPD_01_CHPID 0x000000ff
	410	static void ioinst_handle_chsc_scpd(ChscReq req, ChscResp res)
	411	{
	412	uint16_t len = be16_to_cpu(req->len);
	413	uint32_t param0 = be32_to_cpu(req->param0);
	414	uint32_t param1 = be32_to_cpu(req->param1);
	415	uint16_t resp_code;
	416	int rfmt;
	417	uint16_t cssid;
	418	uint8_t f_chpid, l_chpid;
	419	int desc_size;
	420	int m;
	421
	422	rfmt = (param0 & CHSC_SCPD_0_RFMT) >> 8;
	423	if ((rfmt == 0) \|\| (rfmt == 1)) {
	424	rfmt = !!(param0 & CHSC_SCPD_0_C);
	425	}
	426	if ((len != 0x0010) \|\| (param0 & CHSC_SCPD_0_RES) \|\|
	427	(param1 & CHSC_SCPD_1_RES) \|\| req->param2) {
	428	resp_code = 0x0003;
429	goto out_err;
430	}
431	if (param0 & CHSC_SCPD_0_FMT) {
432	resp_code = 0x0007;
433	goto out_err;
434	}
435	cssid = (param0 & CHSC_SCPD_0_CSSID) >> 16;
436	m = param0 & CHSC_SCPD_0_M;
437	if (cssid != 0) {
438	if (!m \|\| !css_present(cssid)) {
439	resp_code = 0x0008;
440	goto out_err;
441	}
442	}
443	f_chpid = param0 & CHSC_SCPD_01_CHPID;
444	l_chpid = param1 & CHSC_SCPD_01_CHPID;
445	if (l_chpid < f_chpid) {
446	resp_code = 0x0003;
447	goto out_err;
448	}
449	/* css_collect_chp_desc() is endian-aware */
450	desc_size = css_collect_chp_desc(m, cssid, f_chpid, l_chpid, rfmt,
451	&res->data);
452	res->code = cpu_to_be16(0x0001);
453	res->len = cpu_to_be16(8 + desc_size);
454	res->param = cpu_to_be32(rfmt);
455	return;
456
457	out_err:
458	res->code = cpu_to_be16(resp_code);
459	res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
460	res->param = cpu_to_be32(rfmt);
461	}
462
463	#define CHSC_SCSC_0_M 0x20000000
464	#define CHSC_SCSC_0_FMT 0x000f0000
465	#define CHSC_SCSC_0_CSSID 0x0000ff00
466	#define CHSC_SCSC_0_RES 0xdff000ff
467	static void ioinst_handle_chsc_scsc(ChscReq req, ChscResp res)
468	{
469	uint16_t len = be16_to_cpu(req->len);
470	uint32_t param0 = be32_to_cpu(req->param0);
471	uint8_t cssid;
472	uint16_t resp_code;
473	uint32_t general_chars[510];
474	uint32_t chsc_chars[508];
475
476	if (len != 0x0010) {
477	resp_code = 0x0003;
478	goto out_err;
479	}
480
481	if (param0 & CHSC_SCSC_0_FMT) {
482	resp_code = 0x0007;
483	goto out_err;
484	}
485	cssid = (param0 & CHSC_SCSC_0_CSSID) >> 8;
486	if (cssid != 0) {
487	if (!(param0 & CHSC_SCSC_0_M) \|\| !css_present(cssid)) {
488	resp_code = 0x0008;
489	goto out_err;
490	}
491	}
492	if ((param0 & CHSC_SCSC_0_RES) \|\| req->param1 \|\| req->param2) {
493	resp_code = 0x0003;
494	goto out_err;
495	}
496	res->code = cpu_to_be16(0x0001);
497	res->len = cpu_to_be16(4080);
498	res->param = 0;
499
500	memset(general_chars, 0, sizeof(general_chars));
501	memset(chsc_chars, 0, sizeof(chsc_chars));
502
503	general_chars[0] = cpu_to_be32(0x03000000);
504	general_chars[1] = cpu_to_be32(0x00059000);
505
506	chsc_chars[0] = cpu_to_be32(0x40000000);
507	chsc_chars[3] = cpu_to_be32(0x00040000);
508
509	memcpy(res->data, general_chars, sizeof(general_chars));
510	memcpy(res->data + sizeof(general_chars), chsc_chars, sizeof(chsc_chars));
511	return;
512
513	out_err:
514	res->code = cpu_to_be16(resp_code);
515	res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
516	res->param = 0;
517	}
518
519	#define CHSC_SDA_0_FMT 0x0f000000
520	#define CHSC_SDA_0_OC 0x0000ffff
521	#define CHSC_SDA_0_RES 0xf0ff0000
522	#define CHSC_SDA_OC_MCSSE 0x0
523	#define CHSC_SDA_OC_MSS 0x2
524	static void ioinst_handle_chsc_sda(ChscReq req, ChscResp res)
525	{
526	uint16_t resp_code = 0x0001;
527	uint16_t len = be16_to_cpu(req->len);
528	uint32_t param0 = be32_to_cpu(req->param0);
529	uint16_t oc;
530	int ret;
531
532	if ((len != 0x0400) \|\| (param0 & CHSC_SDA_0_RES)) {
533	resp_code = 0x0003;
534	goto out;
535	}
536
537	if (param0 & CHSC_SDA_0_FMT) {
538	resp_code = 0x0007;
539	goto out;
540	}
541
542	oc = param0 & CHSC_SDA_0_OC;
543	switch (oc) {
544	case CHSC_SDA_OC_MCSSE:
545	ret = css_enable_mcsse();
546	if (ret == -EINVAL) {
547	resp_code = 0x0101;
548	goto out;
549	}
550	break;
551	case CHSC_SDA_OC_MSS:
552	ret = css_enable_mss();
553	if (ret == -EINVAL) {
554	resp_code = 0x0101;
555	goto out;
556	}
557	break;
558	default:
559	resp_code = 0x0003;
560	goto out;
561	}
562
563	out:
564	res->code = cpu_to_be16(resp_code);
565	res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
566	res->param = 0;
567	}
568
569	static void ioinst_handle_chsc_unimplemented(ChscResp *res)
570	{
571	res->len = cpu_to_be16(CHSC_MIN_RESP_LEN);
572	res->code = cpu_to_be16(0x0004);
573	res->param = 0;
574	}
575
5d9bf1c0	576	void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb)
7b18aad5 CH	577	{
	578	ChscReq *req;
	579	ChscResp *res;
	580	uint64_t addr;
	581	int reg;
	582	uint16_t len;
	583	uint16_t command;
	584	hwaddr map_size = TARGET_PAGE_SIZE;
5d9bf1c0	585	CPUS390XState *env = &cpu->env;
7b18aad5 CH	586
	587	trace_ioinst("chsc");
	588	reg = (ipb >> 20) & 0x00f;
	589	addr = env->regs[reg];
	590	/* Page boundary? */
	591	if (addr & 0xfff) {
	592	program_interrupt(env, PGM_SPECIFICATION, 2);
5d9bf1c0	593	return;
7b18aad5 CH	594	}
	595	req = s390_cpu_physical_memory_map(env, addr, &map_size, 1);
	596	if (!req \|\| map_size != TARGET_PAGE_SIZE) {
0056fc9e	597	program_interrupt(env, PGM_ADDRESSING, 2);
7b18aad5 CH	598	goto out;
	599	}
	600	len = be16_to_cpu(req->len);
	601	/* Length field valid? */
	602	if ((len < 16) \|\| (len > 4088) \|\| (len & 7)) {
	603	program_interrupt(env, PGM_OPERAND, 2);
7b18aad5 CH	604	goto out;
	605	}
	606	memset((char *)req + len, 0, TARGET_PAGE_SIZE - len);
	607	res = (void )((char )req + len);
	608	command = be16_to_cpu(req->command);
	609	trace_ioinst_chsc_cmd(command, len);
	610	switch (command) {
	611	case CHSC_SCSC:
	612	ioinst_handle_chsc_scsc(req, res);
	613	break;
	614	case CHSC_SCPD:
	615	ioinst_handle_chsc_scpd(req, res);
	616	break;
	617	case CHSC_SDA:
	618	ioinst_handle_chsc_sda(req, res);
	619	break;
	620	default:
	621	ioinst_handle_chsc_unimplemented(res);
	622	break;
	623	}
	624
	625	out:
	626	s390_cpu_physical_memory_unmap(env, req, map_size, 1);
7b18aad5 CH	627	}
	628
	629	int ioinst_handle_tpi(CPUS390XState *env, uint32_t ipb)
	630	{
	631	uint64_t addr;
	632	int lowcore;
50c8d9bf CH	633	IOIntCode *int_code;
	634	hwaddr len, orig_len;
	635	int ret;
7b18aad5 CH	636
	637	trace_ioinst("tpi");
	638	addr = decode_basedisp_s(env, ipb);
61bf0dcb TH	639	if (addr & 3) {
	640	program_interrupt(env, PGM_SPECIFICATION, 2);
	641	return -EIO;
	642	}
	643
7b18aad5	644	lowcore = addr ? 0 : 1;
50c8d9bf CH	645	len = lowcore ? 8 /* two words / : 12 / three words */;
	646	orig_len = len;
	647	int_code = s390_cpu_physical_memory_map(env, addr, &len, 1);
	648	if (!int_code \|\| (len != orig_len)) {
0056fc9e	649	program_interrupt(env, PGM_ADDRESSING, 2);
50c8d9bf CH	650	ret = -EIO;
50c8d9bf CH	651	goto out;
7b18aad5	652	}
50c8d9bf CH	653	ret = css_do_tpi(int_code, lowcore);
	654	out:
	655	s390_cpu_physical_memory_unmap(env, int_code, len, 1);
	656	return ret;
7b18aad5 CH	657	}
	658
	659	#define SCHM_REG1_RES(_reg) (_reg & 0x000000000ffffffc)
	660	#define SCHM_REG1_MBK(_reg) ((_reg & 0x00000000f0000000) >> 28)
	661	#define SCHM_REG1_UPD(_reg) ((_reg & 0x0000000000000002) >> 1)
	662	#define SCHM_REG1_DCT(_reg) (_reg & 0x0000000000000001)
	663
5d9bf1c0 TH	664	void ioinst_handle_schm(S390CPU *cpu, uint64_t reg1, uint64_t reg2,
5d9bf1c0 TH	665	uint32_t ipb)
7b18aad5 CH	666	{
	667	uint8_t mbk;
	668	int update;
	669	int dct;
5d9bf1c0	670	CPUS390XState *env = &cpu->env;
7b18aad5 CH	671
	672	trace_ioinst("schm");
	673
	674	if (SCHM_REG1_RES(reg1)) {
	675	program_interrupt(env, PGM_OPERAND, 2);
5d9bf1c0	676	return;
7b18aad5 CH	677	}
	678
	679	mbk = SCHM_REG1_MBK(reg1);
	680	update = SCHM_REG1_UPD(reg1);
	681	dct = SCHM_REG1_DCT(reg1);
	682
7ae5a7c0	683	if (update && (reg2 & 0x000000000000001f)) {
7b18aad5	684	program_interrupt(env, PGM_OPERAND, 2);
5d9bf1c0	685	return;
7b18aad5 CH	686	}
	687
	688	css_do_schm(mbk, update, dct, update ? reg2 : 0);
7b18aad5 CH	689	}
7b18aad5 CH	690
5d9bf1c0	691	void ioinst_handle_rsch(S390CPU *cpu, uint64_t reg1)
7b18aad5 CH	692	{
	693	int cssid, ssid, schid, m;
	694	SubchDev *sch;
	695	int ret = -ENODEV;
	696	int cc;
	697
	698	if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
5d9bf1c0 TH	699	program_interrupt(&cpu->env, PGM_OPERAND, 2);
5d9bf1c0 TH	700	return;
7b18aad5 CH	701	}
	702	trace_ioinst_sch_id("rsch", cssid, ssid, schid);
	703	sch = css_find_subch(m, cssid, ssid, schid);
	704	if (sch && css_subch_visible(sch)) {
	705	ret = css_do_rsch(sch);
	706	}
	707	switch (ret) {
	708	case -ENODEV:
	709	cc = 3;
	710	break;
	711	case -EINVAL:
	712	cc = 2;
	713	break;
	714	case 0:
	715	cc = 0;
	716	break;
	717	default:
	718	cc = 1;
	719	break;
	720	}
5d9bf1c0	721	setcc(cpu, cc);
7b18aad5 CH	722	}
	723
	724	#define RCHP_REG1_RES(_reg) (_reg & 0x00000000ff00ff00)
	725	#define RCHP_REG1_CSSID(_reg) ((_reg & 0x0000000000ff0000) >> 16)
	726	#define RCHP_REG1_CHPID(_reg) (_reg & 0x00000000000000ff)
5d9bf1c0	727	void ioinst_handle_rchp(S390CPU *cpu, uint64_t reg1)
7b18aad5 CH	728	{
	729	int cc;
	730	uint8_t cssid;
	731	uint8_t chpid;
	732	int ret;
5d9bf1c0	733	CPUS390XState *env = &cpu->env;
7b18aad5 CH	734
	735	if (RCHP_REG1_RES(reg1)) {
	736	program_interrupt(env, PGM_OPERAND, 2);
5d9bf1c0	737	return;
7b18aad5 CH	738	}
	739
	740	cssid = RCHP_REG1_CSSID(reg1);
	741	chpid = RCHP_REG1_CHPID(reg1);
	742
	743	trace_ioinst_chp_id("rchp", cssid, chpid);
	744
	745	ret = css_do_rchp(cssid, chpid);
	746
	747	switch (ret) {
	748	case -ENODEV:
	749	cc = 3;
	750	break;
	751	case -EBUSY:
	752	cc = 2;
	753	break;
	754	case 0:
	755	cc = 0;
	756	break;
	757	default:
	758	/* Invalid channel subsystem. */
	759	program_interrupt(env, PGM_OPERAND, 2);
5d9bf1c0	760	return;
7b18aad5	761	}
5d9bf1c0	762	setcc(cpu, cc);
7b18aad5 CH	763	}
	764
	765	#define SAL_REG1_INVALID(_reg) (_reg & 0x0000000080000000)
5d9bf1c0	766	void ioinst_handle_sal(S390CPU *cpu, uint64_t reg1)
7b18aad5 CH	767	{
	768	/* We do not provide address limit checking, so let's suppress it. */
	769	if (SAL_REG1_INVALID(reg1) \|\| reg1 & 0x000000000000ffff) {
5d9bf1c0	770	program_interrupt(&cpu->env, PGM_OPERAND, 2);
7b18aad5	771	}
7b18aad5	772	}