qemu

ppc-spapr-xive.rst (10761B)

---

 XIVE for sPAPR (pseries machines)
 =================================
 
 The POWER9 processor comes with a new interrupt controller
 architecture, called XIVE as "eXternal Interrupt Virtualization
 Engine". It supports a larger number of interrupt sources and offers
 virtualization features which enables the HW to deliver interrupts
 directly to virtual processors without hypervisor assistance.
 
 A QEMU ``pseries`` machine (which is PAPR compliant) using POWER9
 processors can run under two interrupt modes:
 
 - *Legacy Compatibility Mode*
 
   the hypervisor provides identical interfaces and similar
   functionality to PAPR+ Version 2.7.  This is the default mode
 
   It is also referred as *XICS* in QEMU.
 
 - *XIVE native exploitation mode*
 
   the hypervisor provides new interfaces to manage the XIVE control
   structures, and provides direct control for interrupt management
   through MMIO pages.
 
 Which interrupt modes can be used by the machine is negotiated with
 the guest O/S during the Client Architecture Support negotiation
 sequence. The two modes are mutually exclusive.
 
 Both interrupt mode share the same IRQ number space. See below for the
 layout.
 
 CAS Negotiation
 ---------------
 
 QEMU advertises the supported interrupt modes in the device tree
 property ``ibm,arch-vec-5-platform-support`` in byte 23 and the OS
 Selection for XIVE is indicated in the ``ibm,architecture-vec-5``
 property byte 23.
 
 The interrupt modes supported by the machine depend on the CPU type
 (POWER9 is required for XIVE) but also on the machine property
 ``ic-mode`` which can be set on the command line. It can take the
 following values: ``xics``, ``xive``, and ``dual`` which is the
 default mode. ``dual`` means that both modes XICS **and** XIVE are
 supported and if the guest OS supports XIVE, this mode will be
 selected.
 
 The chosen interrupt mode is activated after a reconfiguration done
 in a machine reset.
 
 KVM negotiation
 ---------------
 
 When the guest starts under KVM, the capabilities of the host kernel
 and QEMU are also negotiated. Depending on the version of the host
 kernel, KVM will advertise the XIVE capability to QEMU or not.
 
 Nevertheless, the available interrupt modes in the machine should not
 depend on the XIVE KVM capability of the host. On older kernels
 without XIVE KVM support, QEMU will use the emulated XIVE device as a
 fallback and on newer kernels (>=5.2), the KVM XIVE device.
 
 XIVE native exploitation mode is not supported for KVM nested guests,
 VMs running under a L1 hypervisor (KVM on pSeries). In that case, the
 hypervisor will not advertise the KVM capability and QEMU will use the
 emulated XIVE device, same as for older versions of KVM.
 
 As a final refinement, the user can also switch the use of the KVM
 device with the machine option ``kernel_irqchip``.
 
 
 XIVE support in KVM
 ~~~~~~~~~~~~~~~~~~~
 
 For guest OSes supporting XIVE, the resulting interrupt modes on host
 kernels with XIVE KVM support are the following:
 
 ==============  =============  =============  ================
 ic-mode                            kernel_irqchip
 --------------  ----------------------------------------------
 /               allowed        off            on
                 (default)
 ==============  =============  =============  ================
 dual (default)  XIVE KVM       XIVE emul.     XIVE KVM
 xive            XIVE KVM       XIVE emul.     XIVE KVM
 xics            XICS KVM       XICS emul.     XICS KVM
 ==============  =============  =============  ================
 
 For legacy guest OSes without XIVE support, the resulting interrupt
 modes are the following:
 
 ==============  =============  =============  ================
 ic-mode                            kernel_irqchip
 --------------  ----------------------------------------------
 /               allowed        off            on
                 (default)
 ==============  =============  =============  ================
 dual (default)  XICS KVM       XICS emul.     XICS KVM
 xive            QEMU error(3)  QEMU error(3)  QEMU error(3)
 xics            XICS KVM       XICS emul.     XICS KVM
 ==============  =============  =============  ================
 
 (3) QEMU fails at CAS with ``Guest requested unavailable interrupt
     mode (XICS), either don't set the ic-mode machine property or try
     ic-mode=xics or ic-mode=dual``
 
 
 No XIVE support in KVM
 ~~~~~~~~~~~~~~~~~~~~~~
 
 For guest OSes supporting XIVE, the resulting interrupt modes on host
 kernels without XIVE KVM support are the following:
 
 ==============  =============  =============  ================
 ic-mode                            kernel_irqchip
 --------------  ----------------------------------------------
 /               allowed        off            on
                 (default)
 ==============  =============  =============  ================
 dual (default)  XIVE emul.(1)  XIVE emul.     QEMU error (2)
 xive            XIVE emul.(1)  XIVE emul.     QEMU error (2)
 xics            XICS KVM       XICS emul.     XICS KVM
 ==============  =============  =============  ================
 
 
 (1) QEMU warns with ``warning: kernel_irqchip requested but unavailable:
     IRQ_XIVE capability must be present for KVM``
     In some cases (old host kernels or KVM nested guests), one may hit a
     QEMU/KVM incompatibility due to device destruction in reset. QEMU fails
     with ``KVM is incompatible with ic-mode=dual,kernel-irqchip=on``
 (2) QEMU fails with ``kernel_irqchip requested but unavailable:
     IRQ_XIVE capability must be present for KVM``
 
 
 For legacy guest OSes without XIVE support, the resulting interrupt
 modes are the following:
 
 ==============  =============  =============  ================
 ic-mode                            kernel_irqchip
 --------------  ----------------------------------------------
 /               allowed        off            on
                 (default)
 ==============  =============  =============  ================
 dual (default)  QEMU error(4)  XICS emul.     QEMU error(4)
 xive            QEMU error(3)  QEMU error(3)  QEMU error(3)
 xics            XICS KVM       XICS emul.     XICS KVM
 ==============  =============  =============  ================
 
 (3) QEMU fails at CAS with ``Guest requested unavailable interrupt
     mode (XICS), either don't set the ic-mode machine property or try
     ic-mode=xics or ic-mode=dual``
 (4) QEMU/KVM incompatibility due to device destruction in reset. QEMU fails
     with ``KVM is incompatible with ic-mode=dual,kernel-irqchip=on``
 
 
 XIVE Device tree properties
 ---------------------------
 
 The properties for the PAPR interrupt controller node when the *XIVE
 native exploitation mode* is selected should contain:
 
 - ``device_type``
 
   value should be "power-ivpe".
 
 - ``compatible``
 
   value should be "ibm,power-ivpe".
 
 - ``reg``
 
   contains the base address and size of the thread interrupt
   managnement areas (TIMA), for the User level and for the Guest OS
   level. Only the Guest OS level is taken into account today.
 
 - ``ibm,xive-eq-sizes``
 
   the size of the event queues. One cell per size supported, contains
   log2 of size, in ascending order.
 
 - ``ibm,xive-lisn-ranges``
 
   the IRQ interrupt number ranges assigned to the guest for the IPIs.
 
 The root node also exports :
 
 - ``ibm,plat-res-int-priorities``
 
   contains a list of priorities that the hypervisor has reserved for
   its own use.
 
 IRQ number space
 ----------------
 
 IRQ Number space of the ``pseries`` machine is 8K wide and is the same
 for both interrupt mode. The different ranges are defined as follow :
 
 - ``0x0000 .. 0x0FFF`` 4K CPU IPIs (only used under XIVE)
 - ``0x1000 .. 0x1000`` 1 EPOW
 - ``0x1001 .. 0x1001`` 1 HOTPLUG
 - ``0x1002 .. 0x10FF`` unused
 - ``0x1100 .. 0x11FF`` 256 VIO devices
 - ``0x1200 .. 0x127F`` 32x4 LSIs for PHB devices
 - ``0x1280 .. 0x12FF`` unused
 - ``0x1300 .. 0x1FFF`` PHB MSIs (dynamically allocated)
 
 Monitoring XIVE
 ---------------
 
 The state of the XIVE interrupt controller can be queried through the
 monitor commands ``info pic``. The output comes in two parts.
 
 First, the state of the thread interrupt context registers is dumped
 for each CPU :
 
 ::
 
    (qemu) info pic
    CPU[0000]:   QW   NSR CPPR IPB LSMFB ACK# INC AGE PIPR  W2
    CPU[0000]: USER    00   00  00    00   00  00  00   00  00000000
    CPU[0000]:   OS    00   ff  00    00   ff  00  ff   ff  80000400
    CPU[0000]: POOL    00   00  00    00   00  00  00   00  00000000
    CPU[0000]: PHYS    00   00  00    00   00  00  00   ff  00000000
    ...
 
 In the case of a ``pseries`` machine, QEMU acts as the hypervisor and only
 the O/S and USER register rings make sense. ``W2`` contains the vCPU CAM
 line which is set to the VP identifier.
 
 Then comes the routing information which aggregates the EAS and the
 END configuration:
 
 ::
 
    ...
    LISN         PQ    EISN     CPU/PRIO EQ
    00000000 MSI --    00000010   0/6    380/16384 @1fe3e0000 ^1 [ 80000010 ... ]
    00000001 MSI --    00000010   1/6    305/16384 @1fc230000 ^1 [ 80000010 ... ]
    00000002 MSI --    00000010   2/6    220/16384 @1fc2f0000 ^1 [ 80000010 ... ]
    00000003 MSI --    00000010   3/6    201/16384 @1fc390000 ^1 [ 80000010 ... ]
    00000004 MSI -Q  M 00000000
    00000005 MSI -Q  M 00000000
    00000006 MSI -Q  M 00000000
    00000007 MSI -Q  M 00000000
    00001000 MSI --    00000012   0/6    380/16384 @1fe3e0000 ^1 [ 80000010 ... ]
    00001001 MSI --    00000013   0/6    380/16384 @1fe3e0000 ^1 [ 80000010 ... ]
    00001100 MSI --    00000100   1/6    305/16384 @1fc230000 ^1 [ 80000010 ... ]
    00001101 MSI -Q  M 00000000
    00001200 LSI -Q  M 00000000
    00001201 LSI -Q  M 00000000
    00001202 LSI -Q  M 00000000
    00001203 LSI -Q  M 00000000
    00001300 MSI --    00000102   1/6    305/16384 @1fc230000 ^1 [ 80000010 ... ]
    00001301 MSI --    00000103   2/6    220/16384 @1fc2f0000 ^1 [ 80000010 ... ]
    00001302 MSI --    00000104   3/6    201/16384 @1fc390000 ^1 [ 80000010 ... ]
 
 The source information and configuration:
 
 - The ``LISN`` column outputs the interrupt number of the source in
   range ``[ 0x0 ... 0x1FFF ]`` and its type : ``MSI`` or ``LSI``
 - The ``PQ`` column reflects the state of the PQ bits of the source :
 
   - ``--`` source is ready to take events
   - ``P-`` an event was sent and an EOI is PENDING
   - ``PQ`` an event was QUEUED
   - ``-Q`` source is OFF
 
   a ``M`` indicates that source is *MASKED* at the EAS level,
 
 The targeting configuration :
 
 - The ``EISN`` column is the event data that will be queued in the event
   queue of the O/S.
 - The ``CPU/PRIO`` column is the tuple defining the CPU number and
   priority queue serving the source.
 - The ``EQ`` column outputs :
 
   - the current index of the event queue/ the max number of entries
   - the O/S event queue address
   - the toggle bit
   - the last entries that were pushed in the event queue.