drivers/vfio/pci/vfio_pci_rdwr.c

   1 /*
   2  * VFIO PCI I/O Port & MMIO access
   3  *
   4  * Copyright (C) 2012 Red Hat, Inc.  All rights reserved.
   5  *     Author: Alex Williamson <alex.williamson@redhat.com>
   6  *
   7  * This program is free software; you can redistribute it and/or modify
   8  * it under the terms of the GNU General Public License version 2 as
   9  * published by the Free Software Foundation.
  10  *
  11  * Derived from original vfio:
  12  * Copyright 2010 Cisco Systems, Inc.  All rights reserved.
  13  * Author: Tom Lyon, pugs@cisco.com
  14  */
  15
  16 #include <linux/fs.h>
  17 #include <linux/pci.h>
  18 #include <linux/uaccess.h>
  19 #include <linux/io.h>
  20 #include <linux/vgaarb.h>
  21
  22 #include "vfio_pci_private.h"
  23
  24 /*
  25  * Read or write from an __iomem region (MMIO or I/O port) with an excluded
  26  * range which is inaccessible.  The excluded range drops writes and fills
  27  * reads with -1.  This is intended for handling MSI-X vector tables and
  28  * leftover space for ROM BARs.
  29  */
  30 static ssize_t do_io_rw(void __iomem *io, char __user *buf,
  31                         loff_t off, size_t count, size_t x_start,
  32                         size_t x_end, bool iswrite)
  33 {
  34         ssize_t done = 0;
  35
  36         while (count) {
  37                 size_t fillable, filled;
  38
  39                 if (off < x_start)
  40                         fillable = min(count, (size_t)(x_start - off));
  41                 else if (off >= x_end)
  42                         fillable = count;
  43                 else
  44                         fillable = 0;
  45
  46                 if (fillable >= 4 && !(off % 4)) {
  47                         __le32 val;
  48
  49                         if (iswrite) {
  50                                 if (copy_from_user(&val, buf, 4))
  51                                         return -EFAULT;
  52
  53                                 iowrite32(le32_to_cpu(val), io + off);
  54                         } else {
  55                                 val = cpu_to_le32(ioread32(io + off));
  56
  57                                 if (copy_to_user(buf, &val, 4))
  58                                         return -EFAULT;
  59                         }
  60
  61                         filled = 4;
  62                 } else if (fillable >= 2 && !(off % 2)) {
  63                         __le16 val;
  64
  65                         if (iswrite) {
  66                                 if (copy_from_user(&val, buf, 2))
  67                                         return -EFAULT;
  68
  69                                 iowrite16(le16_to_cpu(val), io + off);
  70                         } else {
  71                                 val = cpu_to_le16(ioread16(io + off));
  72
  73                                 if (copy_to_user(buf, &val, 2))
  74                                         return -EFAULT;
  75                         }
  76
  77                         filled = 2;
  78                 } else if (fillable) {
  79                         u8 val;
  80
  81                         if (iswrite) {
  82                                 if (copy_from_user(&val, buf, 1))
  83                                         return -EFAULT;
  84
  85                                 iowrite8(val, io + off);
  86                         } else {
  87                                 val = ioread8(io + off);
  88
  89                                 if (copy_to_user(buf, &val, 1))
  90                                         return -EFAULT;
  91                         }
  92
  93                         filled = 1;
  94                 } else {
  95                         /* Fill reads with -1, drop writes */
  96                         filled = min(count, (size_t)(x_end - off));
  97                         if (!iswrite) {
  98                                 u8 val = 0xFF;
  99                                 size_t i;
 100
 101                                 for (i = 0; i < filled; i++)
 102                                         if (copy_to_user(buf + i, &val, 1))
 103                                                 return -EFAULT;
 104                         }
 105                 }
 106
 107                 count -= filled;
 108                 done += filled;
 109                 off += filled;
 110                 buf += filled;
 111         }
 112
 113         return done;
 114 }
 115
 116 ssize_t vfio_pci_bar_rw(struct vfio_pci_device *vdev, char __user *buf,
 117                         size_t count, loff_t *ppos, bool iswrite)
 118 {
 119         struct pci_dev *pdev = vdev->pdev;
 120         loff_t pos = *ppos & VFIO_PCI_OFFSET_MASK;
 121         int bar = VFIO_PCI_OFFSET_TO_INDEX(*ppos);
 122         size_t x_start = 0, x_end = 0;
 123         resource_size_t end;
 124         void __iomem *io;
 125         struct resource *res = &vdev->pdev->resource[bar];
 126         ssize_t done;
 127
 128         if (pci_resource_start(pdev, bar))
 129                 end = pci_resource_len(pdev, bar);
 130         else if (bar == PCI_ROM_RESOURCE &&
 131                  pdev->resource[bar].flags & IORESOURCE_ROM_SHADOW)
 132                 end = 0x20000;
 133         else
 134                 return -EINVAL;
 135
 136         if (pos >= end)
 137                 return -EINVAL;
 138
 139         count = min(count, (size_t)(end - pos));
 140
 141         if (res->flags & IORESOURCE_MEM) {
 142                 down_read(&vdev->memory_lock);
 143                 if (!__vfio_pci_memory_enabled(vdev)) {
 144                         up_read(&vdev->memory_lock);
 145                         return -EIO;
 146                 }
 147         }
 148
 149         if (bar == PCI_ROM_RESOURCE) {
 150                 /*
 151                  * The ROM can fill less space than the BAR, so we start the
 152                  * excluded range at the end of the actual ROM.  This makes
 153                  * filling large ROM BARs much faster.
 154                  */
 155                 io = pci_map_rom(pdev, &x_start);
 156                 if (!io) {
 157                         done = -ENOMEM;
 158                         goto out;
 159                 }
 160                 x_end = end;
 161         } else if (!vdev->barmap[bar]) {
 162                 done = pci_request_selected_regions(pdev, 1 << bar, "vfio");
 163                 if (done)
 164                         goto out;
 165
 166                 io = pci_iomap(pdev, bar, 0);
 167                 if (!io) {
 168                         pci_release_selected_regions(pdev, 1 << bar);
 169                         done = -ENOMEM;
 170                         goto out;
 171                 }
 172
 173                 vdev->barmap[bar] = io;
 174         } else
 175                 io = vdev->barmap[bar];
 176
 177         if (bar == vdev->msix_bar) {
 178                 x_start = vdev->msix_offset;
 179                 x_end = vdev->msix_offset + vdev->msix_size;
 180         }
 181
 182         done = do_io_rw(io, buf, pos, count, x_start, x_end, iswrite);
 183
 184         if (done >= 0)
 185                 *ppos += done;
 186
 187         if (bar == PCI_ROM_RESOURCE)
 188                 pci_unmap_rom(pdev, io);
 189 out:
 190         if (res->flags & IORESOURCE_MEM)
 191                 up_read(&vdev->memory_lock);
 192
 193         return done;
 194 }
 195
 196 ssize_t vfio_pci_vga_rw(struct vfio_pci_device *vdev, char __user *buf,
 197                                size_t count, loff_t *ppos, bool iswrite)
 198 {
 199         int ret;
 200         loff_t off, pos = *ppos & VFIO_PCI_OFFSET_MASK;
 201         void __iomem *iomem = NULL;
 202         unsigned int rsrc;
 203         bool is_ioport;
 204         ssize_t done;
 205
 206         if (!vdev->has_vga)
 207                 return -EINVAL;
 208
 209         if (pos > 0xbfffful)
 210                 return -EINVAL;
 211
 212         switch ((u32)pos) {
 213         case 0xa0000 ... 0xbffff:
 214                 count = min(count, (size_t)(0xc0000 - pos));
 215                 iomem = ioremap_nocache(0xa0000, 0xbffff - 0xa0000 + 1);
 216                 off = pos - 0xa0000;
 217                 rsrc = VGA_RSRC_LEGACY_MEM;
 218                 is_ioport = false;
 219                 break;
 220         case 0x3b0 ... 0x3bb:
 221                 count = min(count, (size_t)(0x3bc - pos));
 222                 iomem = ioport_map(0x3b0, 0x3bb - 0x3b0 + 1);
 223                 off = pos - 0x3b0;
 224                 rsrc = VGA_RSRC_LEGACY_IO;
 225                 is_ioport = true;
 226                 break;
 227         case 0x3c0 ... 0x3df:
 228                 count = min(count, (size_t)(0x3e0 - pos));
 229                 iomem = ioport_map(0x3c0, 0x3df - 0x3c0 + 1);
 230                 off = pos - 0x3c0;
 231                 rsrc = VGA_RSRC_LEGACY_IO;
 232                 is_ioport = true;
 233                 break;
 234         default:
 235                 return -EINVAL;
 236         }
 237
 238         if (!iomem)
 239                 return -ENOMEM;
 240
 241         ret = vga_get_interruptible(vdev->pdev, rsrc);
 242         if (ret) {
 243                 is_ioport ? ioport_unmap(iomem) : iounmap(iomem);
 244                 return ret;
 245         }
 246
 247         done = do_io_rw(iomem, buf, off, count, 0, 0, iswrite);
 248
 249         vga_put(vdev->pdev, rsrc);
 250
 251         is_ioport ? ioport_unmap(iomem) : iounmap(iomem);
 252
 253         if (done >= 0)
 254                 *ppos += done;
 255
 256         return done;
 257 }