debuggers.hg

annotate xen/common/physdev.c @ 3658:0ef6e8e6e85d

bitkeeper revision 1.1159.212.71 (4200f0afX_JumfbEHQex6TdFENULMQ)

Merge labyrinth.cl.cam.ac.uk:/auto/groups/xeno-xenod/BK/xen-unstable.bk
into labyrinth.cl.cam.ac.uk:/auto/groups/xeno/users/iap10/xeno-clone/xen-unstable.bk
author iap10@labyrinth.cl.cam.ac.uk
date Wed Feb 02 15:24:31 2005 +0000 (2005-02-02)
parents c6f1bab39d4f beb0887c54bc
children bbe8541361dd 4294cfa9fad3
rev   line source
kaf24@1209 1 /* -*- Mode:C; c-basic-offset:4; tab-width:4 -*-
kaf24@1209 2 ****************************************************************************
kaf24@1290 3 * (c) 2004 - Rolf Neugebauer - Intel Research Cambridge
kaf24@1290 4 * (c) 2004 - Keir Fraser - University of Cambridge
kaf24@1209 5 ****************************************************************************
kaf24@1209 6 *
kaf24@1209 7 * Description: allows a domain to access devices on the PCI bus
kaf24@1209 8 *
kaf24@1291 9 * A guest OS may be given access to particular devices on the PCI bus.
kaf24@1291 10 * For each domain a list of PCI devices is maintained, describing the
kaf24@1209 11 * access mode for the domain.
kaf24@1209 12 *
kaf24@1291 13 * Guests can figure out the virtualised PCI space through normal PCI config
kaf24@1291 14 * register access. Some of the accesses, in particular write accesses, are
kaf24@1291 15 * faked. For example the sequence for detecting the IO regions, which requires
kaf24@1291 16 * writes to determine the size of the region, is faked out by a very simple
kaf24@1291 17 * state machine, preventing direct writes to the PCI config registers by a
kaf24@1291 18 * guest.
kaf24@1209 19 */
kaf24@1209 20
kaf24@1248 21 #include <xen/config.h>
kaf24@3372 22 #include <xen/init.h>
kaf24@1248 23 #include <xen/lib.h>
kaf24@1248 24 #include <xen/types.h>
kaf24@1248 25 #include <xen/sched.h>
kaf24@1248 26 #include <xen/pci.h>
kaf24@1248 27 #include <xen/irq.h>
kaf24@1248 28 #include <xen/event.h>
kaf24@1209 29 #include <asm/pci.h>
kaf24@2827 30 #include <public/xen.h>
kaf24@2827 31 #include <public/physdev.h>
kaf24@1209 32
kaf24@1290 33 /* Called by PHYSDEV_PCI_INITIALISE_DEVICE to finalise IRQ routing. */
kaf24@1290 34 extern void pcibios_enable_irq(struct pci_dev *dev);
kaf24@1290 35
kaf24@1291 36 #if 0
kaf24@1291 37 #define VERBOSE_INFO(_f, _a...) printk( _f , ## _a )
kaf24@1211 38 #else
kaf24@1291 39 #define VERBOSE_INFO(_f, _a...) ((void)0)
kaf24@1211 40 #endif
kaf24@1209 41
kaf24@2097 42 #ifdef VERBOSE
kaf24@1291 43 #define INFO(_f, _a...) printk( _f, ## _a )
kaf24@1291 44 #else
kaf24@1291 45 #define INFO(_f, _a...) ((void)0)
kaf24@1291 46 #endif
kaf24@1291 47
kaf24@3433 48 #define SLOPPY_CHECKING
kaf24@1291 49
kaf24@1209 50 #define ACC_READ 1
kaf24@1209 51 #define ACC_WRITE 2
kaf24@1209 52
kaf24@1291 53 /* Upper bounds for PCI-device addressing. */
kaf24@1209 54 #define PCI_BUSMAX 255
kaf24@1209 55 #define PCI_DEVMAX 31
kaf24@1209 56 #define PCI_FUNCMAX 7
kaf24@1209 57 #define PCI_REGMAX 255
kaf24@1209 58
kaf24@1291 59 /* Bit offsets into state. */
kaf24@1209 60 #define ST_BASE_ADDRESS 0 /* bits 0-5: are for base address access */
kaf24@1209 61 #define ST_ROM_ADDRESS 6 /* bit 6: is for rom address access */
kaf24@1209 62
kaf24@1277 63 typedef struct _phys_dev_st {
kaf24@1209 64 int flags; /* flags for access etc */
kaf24@1209 65 struct pci_dev *dev; /* the device */
kaf24@1209 66 struct list_head node; /* link to the list */
kaf24@1543 67 struct domain *owner; /* 'owner of this device' */
kaf24@1209 68 int state; /* state for various checks */
kaf24@1209 69 } phys_dev_t;
kaf24@1209 70
kaf24@1209 71
kaf24@1291 72 /* Find a device on a per-domain device list. */
kaf24@1543 73 static phys_dev_t *find_pdev(struct domain *p, struct pci_dev *dev)
kaf24@1209 74 {
kaf24@1209 75 phys_dev_t *t, *res = NULL;
kaf24@1209 76
kaf24@3568 77 list_for_each_entry ( t, &p->pcidev_list, node )
kaf24@1209 78 {
kaf24@1209 79 if ( dev == t->dev )
kaf24@1209 80 {
kaf24@1209 81 res = t;
kaf24@1209 82 break;
kaf24@1209 83 }
kaf24@1209 84 }
kaf24@1209 85 return res;
kaf24@1209 86 }
kaf24@1209 87
kaf24@1291 88 /* Add a device to a per-domain device-access list. */
kaf24@1543 89 static void add_dev_to_task(struct domain *p,
kaf24@1209 90 struct pci_dev *dev, int acc)
kaf24@1209 91 {
kaf24@1209 92 phys_dev_t *pdev;
kaf24@1209 93
kaf24@1209 94 if ( (pdev = find_pdev(p, dev)) )
kaf24@1209 95 {
kaf24@1291 96 /* Sevice already on list: update access permissions. */
kaf24@1209 97 pdev->flags = acc;
kaf24@1209 98 return;
kaf24@1209 99 }
kaf24@1209 100
iap10@3650 101 if ( (pdev = xmalloc(phys_dev_t)) == NULL )
kaf24@1209 102 {
kaf24@1291 103 INFO("Error allocating pdev structure.\n");
kaf24@1209 104 return;
kaf24@1209 105 }
kaf24@1209 106
kaf24@1209 107 pdev->dev = dev;
kaf24@1209 108 pdev->flags = acc;
kaf24@1209 109 pdev->state = 0;
kaf24@1211 110 list_add(&pdev->node, &p->pcidev_list);
kaf24@1209 111
kaf24@1209 112 if ( acc == ACC_WRITE )
kaf24@1209 113 pdev->owner = p;
kaf24@1209 114 }
kaf24@1209 115
kaf24@1209 116 /*
kaf24@1209 117 * physdev_pci_access_modify:
mwilli2@1365 118 * Allow/disallow access to a specific PCI device. Guests should not be
mwilli2@1365 119 * allowed to see bridge devices as it needlessly complicates things (one
mwilli2@1365 120 * possible exception to this is the AGP bridge). If the given device is a
mwilli2@1365 121 * bridge, then the domain should get access to all the leaf devices below
mwilli2@1365 122 * that bridge (XXX this is unimplemented!).
kaf24@1209 123 */
kaf24@1209 124 int physdev_pci_access_modify(
kaf24@1209 125 domid_t dom, int bus, int dev, int func, int enable)
kaf24@1209 126 {
kaf24@1543 127 struct domain *p;
cl349@3202 128 struct exec_domain *ed, *edc;
mwilli2@1365 129 struct pci_dev *pdev;
mwilli2@1377 130 int i, j, rc = 0;
cl349@3202 131
cl349@2957 132 if ( !IS_PRIV(current->domain) )
kaf24@1209 133 BUG();
kaf24@1209 134
kaf24@1209 135 if ( (bus > PCI_BUSMAX) || (dev > PCI_DEVMAX) || (func > PCI_FUNCMAX) )
kaf24@1209 136 return -EINVAL;
kaf24@1209 137
kaf24@1209 138 if ( !enable )
kaf24@1209 139 {
kaf24@1291 140 INFO("Disallowing access is not yet supported.\n");
kaf24@1209 141 return -EINVAL;
kaf24@1209 142 }
kaf24@1209 143
kaf24@1291 144 INFO("physdev_pci_access_modify: %02x:%02x:%02x\n", bus, dev, func);
kaf24@1209 145
kaf24@1211 146 if ( (p = find_domain_by_id(dom)) == NULL )
kaf24@1209 147 return -ESRCH;
kaf24@1209 148
cl349@3112 149 ed = p->exec_domain[0]; /* XXX */
cl349@3112 150
kaf24@1209 151 /* Make the domain privileged. */
cl349@2957 152 set_bit(DF_PHYSDEV, &p->d_flags);
mwilli2@1465 153 /* FIXME: MAW for now make the domain REALLY privileged so that it
mwilli2@1465 154 * can run a backend driver (hw access should work OK otherwise) */
cl349@2957 155 set_bit(DF_PRIVILEGED, &p->d_flags);
kaf24@1209 156
kaf24@1209 157 /* Grant write access to the specified device. */
kaf24@1209 158 if ( (pdev = pci_find_slot(bus, PCI_DEVFN(dev, func))) == NULL )
kaf24@1209 159 {
kaf24@1291 160 INFO(" dev does not exist\n");
kaf24@1354 161 rc = -ENODEV;
kaf24@1354 162 goto out;
kaf24@1209 163 }
kaf24@1209 164 add_dev_to_task(p, pdev, ACC_WRITE);
mwilli2@1365 165
kaf24@1291 166 INFO(" add RW %02x:%02x:%02x\n", pdev->bus->number,
kaf24@1291 167 PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn));
kaf24@1209 168
kaf24@1354 169 /* Is the device a bridge or cardbus? */
kaf24@1354 170 if ( pdev->hdr_type != PCI_HEADER_TYPE_NORMAL )
kaf24@1354 171 INFO("XXX can't give access to bridge devices yet\n");
kaf24@1209 172
mwilli2@1377 173 /* Now, setup access to the IO ports and memory regions for the device. */
mwilli2@1377 174
cl349@3112 175 if ( ed->thread.io_bitmap == NULL )
mwilli2@1377 176 {
iap10@3650 177 if ( (ed->thread.io_bitmap = xmalloc_array(u8, IOBMP_BYTES)) == NULL )
mwilli2@1377 178 {
mwilli2@1377 179 rc = -ENOMEM;
mwilli2@1377 180 goto out;
mwilli2@1377 181 }
cl349@3112 182 memset(ed->thread.io_bitmap, 0xFF, IOBMP_BYTES);
mwilli2@1377 183
cl349@3112 184 ed->thread.io_bitmap_sel = ~0ULL;
mwilli2@1377 185
cl349@3202 186 for_each_exec_domain(p, edc) {
cl349@3202 187 if (edc == ed)
cl349@3202 188 continue;
cl349@3202 189 edc->thread.io_bitmap = ed->thread.io_bitmap;
cl349@3202 190 }
mwilli2@1377 191 }
mwilli2@1377 192
mwilli2@1377 193 for ( i = 0; i < DEVICE_COUNT_RESOURCE; i++ )
mwilli2@1377 194 {
mwilli2@1377 195 struct resource *r = &pdev->resource[i];
mwilli2@1377 196
mwilli2@1377 197 if ( r->flags & IORESOURCE_IO )
mwilli2@1377 198 {
mwilli2@1377 199 /* Give the domain access to the IO ports it needs. Currently,
mwilli2@1377 200 * this will allow all processes in that domain access to those
mwilli2@1377 201 * ports as well. This will do for now, since driver domains don't
mwilli2@1377 202 * run untrusted processes! */
kaf24@1464 203 INFO("Giving domain %u IO resources (%lx - %lx) "
mwilli2@1377 204 "for device %s\n", dom, r->start, r->end, pdev->slot_name);
mwilli2@1377 205 for ( j = r->start; j < r->end + 1; j++ )
mwilli2@1377 206 {
cl349@3112 207 clear_bit(j, ed->thread.io_bitmap);
cl349@3112 208 clear_bit(j / IOBMP_BITS_PER_SELBIT, &ed->thread.io_bitmap_sel);
mwilli2@1377 209 }
mwilli2@1377 210 }
mwilli2@1377 211
mwilli2@1386 212 /* rights to IO memory regions are checked when the domain maps them */
kaf24@1464 213 }
cl349@3202 214
cl349@3202 215 for_each_exec_domain(p, edc) {
cl349@3202 216 if (edc == ed)
cl349@3202 217 continue;
cl349@3202 218 edc->thread.io_bitmap_sel = ed->thread.io_bitmap_sel;
cl349@3202 219 }
cl349@3202 220
kaf24@1354 221 out:
kaf24@1543 222 put_domain(p);
kaf24@1354 223 return rc;
kaf24@1209 224 }
kaf24@1209 225
mwilli2@1386 226 /* Check if a domain controls a device with IO memory within frame @pfn.
mwilli2@1386 227 * Returns: 1 if the domain should be allowed to map @pfn, 0 otherwise. */
kaf24@1543 228 int domain_iomem_in_pfn(struct domain *p, unsigned long pfn)
mwilli2@1386 229 {
mwilli2@1386 230 int ret = 0;
kaf24@3568 231 phys_dev_t *phys_dev;
mwilli2@1386 232
kaf24@1464 233 VERBOSE_INFO("Checking if physdev-capable domain %u needs access to "
kaf24@2748 234 "pfn %08lx\n", p->id, pfn);
mwilli2@1386 235
mwilli2@1386 236 spin_lock(&p->pcidev_lock);
mwilli2@1386 237
kaf24@3568 238 list_for_each_entry ( phys_dev, &p->pcidev_list, node )
mwilli2@1386 239 {
mwilli2@1386 240 int i;
mwilli2@1386 241 struct pci_dev *pci_dev = phys_dev->dev;
mwilli2@1386 242
mwilli2@1386 243 for ( i = 0; (i < DEVICE_COUNT_RESOURCE) && (ret == 0); i++ )
mwilli2@1386 244 {
mwilli2@1386 245 struct resource *r = &pci_dev->resource[i];
mwilli2@1386 246
mwilli2@1386 247 if ( r->flags & IORESOURCE_MEM )
mwilli2@1386 248 if ( (r->start >> PAGE_SHIFT) == pfn
mwilli2@1386 249 || (r->end >> PAGE_SHIFT) == pfn
mwilli2@1386 250 || ((r->start >> PAGE_SHIFT < pfn)
mwilli2@1386 251 && (r->end >> PAGE_SHIFT > pfn)) )
mwilli2@1386 252 ret = 1;
mwilli2@1386 253 }
mwilli2@1386 254
mwilli2@1386 255 if ( ret != 0 ) break;
mwilli2@1386 256 }
mwilli2@1386 257
mwilli2@1386 258 spin_unlock(&p->pcidev_lock);
mwilli2@1386 259
kaf24@1464 260 VERBOSE_INFO("Domain %u %s mapping of pfn %08lx\n",
kaf24@2748 261 p->id, ret ? "allowed" : "disallowed", pfn);
mwilli2@1386 262
mwilli2@1386 263 return ret;
mwilli2@1386 264 }
mwilli2@1386 265
kaf24@1209 266 /* check if a domain has general access to a device */
kaf24@1543 267 inline static int check_dev_acc (struct domain *p,
kaf24@1209 268 int bus, int dev, int func,
kaf24@1209 269 phys_dev_t **pdev)
kaf24@1209 270 {
kaf24@1209 271 struct pci_dev *target_dev;
kaf24@1209 272 phys_dev_t *target_pdev;
kaf24@1209 273 unsigned int target_devfn;
kaf24@1209 274
kaf24@1209 275 *pdev = NULL;
kaf24@1209 276
mwilli2@1377 277 if ( !IS_CAPABLE_PHYSDEV(p) )
mwilli2@1377 278 return -EPERM; /* no pci access permission */
kaf24@1209 279
kaf24@1209 280 if ( bus > PCI_BUSMAX || dev > PCI_DEVMAX || func > PCI_FUNCMAX )
kaf24@1209 281 return -EINVAL;
kaf24@1209 282
mwilli2@1386 283 VERBOSE_INFO("b=%x d=%x f=%x ", bus, dev, func);
kaf24@1209 284
kaf24@1209 285 /* check target device */
kaf24@1209 286 target_devfn = PCI_DEVFN(dev, func);
kaf24@1209 287 target_dev = pci_find_slot(bus, target_devfn);
kaf24@1209 288 if ( !target_dev )
kaf24@1209 289 {
kaf24@1291 290 VERBOSE_INFO("target does not exist\n");
kaf24@1209 291 return -ENODEV;
kaf24@1209 292 }
kaf24@1209 293
kaf24@1209 294 /* check access */
kaf24@1209 295 target_pdev = find_pdev(p, target_dev);
kaf24@1209 296 if ( !target_pdev )
kaf24@1209 297 {
kaf24@1291 298 VERBOSE_INFO("dom has no access to target\n");
kaf24@1209 299 return -EPERM;
kaf24@1209 300 }
kaf24@1209 301
kaf24@1209 302 *pdev = target_pdev;
kaf24@1209 303 return 0;
kaf24@1209 304 }
kaf24@1209 305
kaf24@3433 306 #ifndef SLOPPY_CHECKING
kaf24@1209 307 /*
kaf24@1209 308 * Base address registers contain the base address for IO regions.
kaf24@1209 309 * The length can be determined by writing all 1s to the register and
kaf24@1209 310 * reading the value again. The device will zero the lower unused bits.
kaf24@1209 311 *
kaf24@1209 312 * to work out the length of the io region a device probe typically does:
kaf24@1209 313 * 1) a = read_base_addr_reg()
kaf24@1209 314 * 2) write_base_addr_reg(0xffffffff)
kaf24@1464 315 * 3) b = read_base_addr_reg() [device zeros lower bits]
kaf24@1464 316 * 4) write_base_addr_reg(a) [restore original value]
kaf24@1209 317 * this function fakes out step 2-4. *no* writes are made to the device.
kaf24@1209 318 *
kaf24@1209 319 * phys_dev_t contains a bit field (a bit for each base address register).
kaf24@1209 320 * if the bit for a register is set the guest had writen all 1s to the
kaf24@1209 321 * register and subsequent read request need to fake out the b.
kaf24@1209 322 * if the guest restores the original value (step 4 above) the bit is
kaf24@1209 323 * cleared again. If the guest attempts to "restores" a wrong value an
kaf24@1209 324 * error is flagged.
kaf24@1209 325 */
kaf24@1291 326 static int do_base_address_access(phys_dev_t *pdev, int acc, int idx,
kaf24@1291 327 int len, u32 *val)
kaf24@1209 328 {
kaf24@1291 329 int st_bit, reg = PCI_BASE_ADDRESS_0 + (idx*4), ret = -EINVAL;
kaf24@1291 330 struct pci_dev *dev = pdev->dev;
kaf24@1209 331 u32 orig_val, sz;
kaf24@1209 332 struct resource *res;
kaf24@1209 333
kaf24@1291 334 if ( len != sizeof(u32) )
kaf24@1291 335 {
mwilli2@1365 336 /* This isn't illegal, but there doesn't seem to be a very good reason
mwilli2@1365 337 * to do it for normal devices (bridges are another matter). Since it
mwilli2@1365 338 * would complicate the code below, we don't support this for now. */
mwilli2@1365 339
mwilli2@1365 340 /* We could set *val to some value but the guest may well be in trouble
mwilli2@1365 341 * anyway if this write fails. Hopefully the printk will give us a
mwilli2@1365 342 * clue what went wrong. */
kaf24@1584 343 INFO("Guest %u attempting sub-dword %s to BASE_ADDRESS %d\n",
kaf24@2748 344 pdev->owner->id, (acc == ACC_READ) ? "read" : "write", idx);
mwilli2@1365 345
kaf24@1291 346 return -EPERM;
kaf24@1291 347 }
kaf24@1291 348
kaf24@1209 349 st_bit = idx + ST_BASE_ADDRESS;
kaf24@1209 350 res = &(pdev->dev->resource[idx]);
kaf24@1209 351
kaf24@1209 352 if ( acc == ACC_WRITE )
kaf24@1209 353 {
kaf24@1291 354 if ( (*val == 0xffffffff) ||
kaf24@1291 355 ((res->flags & IORESOURCE_IO) && (*val == 0xffff)) )
kaf24@1209 356 {
kaf24@1291 357 /* Set bit and return. */
kaf24@1209 358 set_bit(st_bit, &pdev->state);
kaf24@1209 359 ret = 0;
kaf24@1209 360 }
kaf24@1209 361 else
kaf24@1209 362 {
kaf24@1291 363 /* Assume guest wants to set the base address. */
kaf24@1209 364 clear_bit(st_bit, &pdev->state);
kaf24@1209 365
kaf24@1209 366 /* check if guest tries to restore orig value */
kaf24@1291 367 ret = pci_read_config_dword(dev, reg, &orig_val);
kaf24@1291 368 if ( (ret == 0) && (*val != orig_val) )
kaf24@1209 369 {
kaf24@1291 370 INFO("Guest attempting update to BASE_ADDRESS %d\n", idx);
kaf24@1209 371 ret = -EPERM;
kaf24@1209 372 }
kaf24@1209 373 }
kaf24@1291 374 VERBOSE_INFO("fixed pci write: %02x:%02x:%02x reg=0x%02x len=0x%02x"
mwilli2@1386 375 " val=0x%08x %x\n",
kaf24@1291 376 dev->bus->number, PCI_SLOT(dev->devfn),
kaf24@1291 377 PCI_FUNC(dev->devfn), reg, len, *val, pdev->state);
kaf24@1209 378 }
kaf24@1209 379 else if ( acc == ACC_READ )
kaf24@1209 380 {
kaf24@1291 381 ret = pci_read_config_dword(dev, reg, val);
kaf24@1291 382 if ( (ret == 0) && test_bit(st_bit, &pdev->state) )
kaf24@1209 383 {
kaf24@1291 384 /* Cook the value. */
kaf24@1209 385 sz = res->end - res->start;
kaf24@1209 386 if ( res->flags & IORESOURCE_MEM )
kaf24@1209 387 {
kaf24@1247 388 /* this is written out explicitly for clarity */
kaf24@1209 389 *val = 0xffffffff;
kaf24@1209 390 /* bit 0 = 0 */
kaf24@1209 391 /* bit 21 = memory type */
kaf24@1209 392 /* bit 3 = prefetchable */
kaf24@1209 393 /* bit 4-31 width */
kaf24@1209 394 sz = sz >> 4; /* size in blocks of 16 byte */
kaf24@1209 395 sz = ~sz; /* invert */
kaf24@1209 396 *val = *val & (sz << 4); /* and in the size */
kaf24@1209 397 /* use read values for low 4 bits */
kaf24@1209 398 *val = *val | (orig_val & 0xf);
kaf24@1209 399 }
kaf24@1209 400 else if ( res->flags & IORESOURCE_IO )
kaf24@1209 401 {
kaf24@1209 402 *val = 0x0000ffff;
kaf24@1209 403 /* bit 10 = 01 */
kaf24@1209 404 /* bit 2-31 width */
kaf24@1209 405 sz = sz >> 2; /* size in dwords */
kaf24@1209 406 sz = ~sz & 0x0000ffff;
kaf24@1209 407 *val = *val & (sz << 2);
kaf24@1209 408 *val = *val | 0x1;
kaf24@1209 409 }
kaf24@1209 410 }
kaf24@1291 411 VERBOSE_INFO("fixed pci read: %02x:%02x:%02x reg=0x%02x len=0x%02x"
mwilli2@1386 412 " val=0x%08x %x\n",
kaf24@1291 413 dev->bus->number, PCI_SLOT(dev->devfn),
kaf24@1291 414 PCI_FUNC(dev->devfn), reg, len, *val, pdev->state);
kaf24@1209 415 }
kaf24@1209 416
kaf24@1209 417 return ret;
kaf24@1209 418 }
kaf24@1209 419
kaf24@1291 420
kaf24@1291 421 static int do_rom_address_access(phys_dev_t *pdev, int acc, int len, u32 *val)
kaf24@1209 422 {
kaf24@1209 423 int st_bit, ret = -EINVAL;
kaf24@1291 424 struct pci_dev *dev = pdev->dev;
kaf24@1209 425 u32 orig_val, sz;
kaf24@1209 426 struct resource *res;
kaf24@1209 427
kaf24@1291 428 if ( len != sizeof(u32) )
kaf24@1291 429 {
kaf24@1291 430 INFO("Guest attempting sub-dword %s to ROM_ADDRESS\n",
kaf24@1291 431 (acc == ACC_READ) ? "read" : "write");
kaf24@1291 432 return -EPERM;
kaf24@1291 433 }
kaf24@1291 434
kaf24@1209 435 st_bit = ST_ROM_ADDRESS;
kaf24@1209 436 res = &(pdev->dev->resource[PCI_ROM_RESOURCE]);
kaf24@1209 437
kaf24@1209 438 if ( acc == ACC_WRITE )
kaf24@1209 439 {
kaf24@1291 440 if ( (*val == 0xffffffff) || (*val == 0xfffffffe) )
kaf24@1209 441 {
kaf24@1291 442 /* NB. 0xffffffff would be unusual, but we trap it anyway. */
kaf24@1209 443 set_bit(st_bit, &pdev->state);
kaf24@1209 444 ret = 0;
kaf24@1209 445 }
kaf24@1209 446 else
kaf24@1209 447 {
kaf24@1291 448 /* Assume guest wants simply to set the base address. */
kaf24@1209 449 clear_bit(st_bit, &pdev->state);
kaf24@1209 450
kaf24@1291 451 /* Check if guest tries to restore the original value. */
kaf24@1291 452 ret = pci_read_config_dword(dev, PCI_ROM_ADDRESS, &orig_val);
kaf24@1291 453 if ( (ret == 0) && (*val != orig_val) )
kaf24@1209 454 {
kaf24@1291 455 if ( (*val != 0x00000000) )
kaf24@1209 456 {
kaf24@1291 457 INFO("caution: guest tried to change rom address.\n");
kaf24@1209 458 ret = -EPERM;
kaf24@1209 459 }
kaf24@1209 460 else
kaf24@1209 461 {
kaf24@1291 462 INFO("guest disabled rom access for %02x:%02x:%02x\n",
kaf24@1291 463 dev->bus->number, PCI_SLOT(dev->devfn),
kaf24@1291 464 PCI_FUNC(dev->devfn));
kaf24@1209 465 }
kaf24@1209 466 }
kaf24@1209 467 }
kaf24@1291 468 VERBOSE_INFO("fixed pci write: %02x:%02x:%02x reg=0x%02x len=0x%02x"
mwilli2@1386 469 " val=0x%08x %x\n",
kaf24@1291 470 dev->bus->number, PCI_SLOT(dev->devfn),
mwilli2@1386 471 PCI_FUNC(dev->devfn), PCI_ROM_ADDRESS, len, *val, pdev->state);
kaf24@1209 472 }
kaf24@1209 473 else if ( acc == ACC_READ )
kaf24@1209 474 {
kaf24@1291 475 ret = pci_read_config_dword(dev, PCI_ROM_ADDRESS, val);
kaf24@1291 476 if ( (ret == 0) && test_bit(st_bit, &pdev->state) )
kaf24@1209 477 {
kaf24@1291 478 /* Cook the value. */
kaf24@1209 479 sz = res->end - res->start;
kaf24@1209 480 *val = 0xffffffff;
kaf24@1209 481 /* leave bit 0 untouched */
kaf24@1209 482 /* bit 1-10 reserved, harwired to 0 */
kaf24@1209 483 sz = sz >> 11; /* size is in 2KB blocks */
kaf24@1209 484 sz = ~sz;
kaf24@1209 485 *val = *val & (sz << 11);
kaf24@1209 486 *val = *val | (orig_val & 0x1);
kaf24@1209 487 }
kaf24@1291 488 VERBOSE_INFO("fixed pci read: %02x:%02x:%02x reg=0x%02x len=0x%02x"
mwilli2@1386 489 " val=0x%08x %x\n",
kaf24@1291 490 dev->bus->number, PCI_SLOT(dev->devfn),
mwilli2@1386 491 PCI_FUNC(dev->devfn), PCI_ROM_ADDRESS, len, *val, pdev->state);
kaf24@1291 492 }
kaf24@1209 493
kaf24@1209 494 return ret;
kaf24@1209 495
kaf24@1209 496 }
kaf24@3433 497 #endif /* SLOPPY_CHECKING */
kaf24@1209 498
kaf24@1209 499 /*
kaf24@1291 500 * Handle a PCI config space read access if the domain has access privileges.
kaf24@1209 501 */
kaf24@1290 502 static long pci_cfgreg_read(int bus, int dev, int func, int reg,
kaf24@1209 503 int len, u32 *val)
kaf24@1209 504 {
kaf24@1290 505 int ret;
kaf24@1209 506 phys_dev_t *pdev;
kaf24@1209 507
cl349@2957 508 if ( (ret = check_dev_acc(current->domain, bus, dev, func, &pdev)) != 0 )
mwilli2@1365 509 {
mwilli2@1365 510 /* PCI spec states that reads from non-existent devices should return
mwilli2@1365 511 * all 1s. In this case the domain has no read access, which should
mwilli2@1365 512 * also look like the device is non-existent. */
mwilli2@1365 513 *val = 0xFFFFFFFF;
kaf24@3433 514 return ret;
mwilli2@1365 515 }
kaf24@1209 516
kaf24@1290 517 /* Fake out read requests for some registers. */
kaf24@1290 518 switch ( reg )
kaf24@1209 519 {
kaf24@3433 520 #ifndef SLOPPY_CHECKING
kaf24@1209 521 case PCI_BASE_ADDRESS_0:
kaf24@1291 522 ret = do_base_address_access(pdev, ACC_READ, 0, len, val);
kaf24@1291 523 break;
kaf24@1291 524
kaf24@1209 525 case PCI_BASE_ADDRESS_1:
kaf24@1291 526 ret = do_base_address_access(pdev, ACC_READ, 1, len, val);
kaf24@1291 527 break;
kaf24@1291 528
kaf24@1209 529 case PCI_BASE_ADDRESS_2:
kaf24@1291 530 ret = do_base_address_access(pdev, ACC_READ, 2, len, val);
kaf24@1291 531 break;
kaf24@1291 532
kaf24@1209 533 case PCI_BASE_ADDRESS_3:
kaf24@1291 534 ret = do_base_address_access(pdev, ACC_READ, 3, len, val);
kaf24@1291 535 break;
kaf24@1291 536
kaf24@1209 537 case PCI_BASE_ADDRESS_4:
kaf24@1291 538 ret = do_base_address_access(pdev, ACC_READ, 4, len, val);
kaf24@1291 539 break;
kaf24@1291 540
kaf24@1209 541 case PCI_BASE_ADDRESS_5:
kaf24@1291 542 ret = do_base_address_access(pdev, ACC_READ, 5, len, val);
kaf24@1209 543 break;
kaf24@1290 544
kaf24@1209 545 case PCI_ROM_ADDRESS:
kaf24@1291 546 ret = do_rom_address_access(pdev, ACC_READ, len, val);
kaf24@1209 547 break;
kaf24@3433 548 #endif
kaf24@1290 549
kaf24@1290 550 case PCI_INTERRUPT_LINE:
kaf24@1291 551 *val = pdev->dev->irq;
kaf24@1291 552 ret = 0;
kaf24@1290 553 break;
kaf24@1290 554
kaf24@1209 555 default:
kaf24@1290 556 ret = pci_config_read(0, bus, dev, func, reg, len, val);
kaf24@1291 557 VERBOSE_INFO("pci read : %02x:%02x:%02x reg=0x%02x len=0x%02x "
kaf24@1291 558 "val=0x%08x\n", bus, dev, func, reg, len, *val);
kaf24@1209 559 break;
kaf24@1209 560 }
kaf24@1209 561
kaf24@1209 562 return ret;
kaf24@1209 563 }
kaf24@1209 564
kaf24@1291 565
kaf24@1209 566 /*
kaf24@1291 567 * Handle a PCI config space write access if the domain has access privileges.
kaf24@1209 568 */
kaf24@1290 569 static long pci_cfgreg_write(int bus, int dev, int func, int reg,
kaf24@1209 570 int len, u32 val)
kaf24@1209 571 {
kaf24@1290 572 int ret;
kaf24@1209 573 phys_dev_t *pdev;
kaf24@1209 574
cl349@2957 575 if ( (ret = check_dev_acc(current->domain, bus, dev, func, &pdev)) != 0 )
kaf24@1209 576 return ret;
kaf24@1209 577
kaf24@1209 578 /* special treatment for some registers */
kaf24@1209 579 switch (reg)
kaf24@1209 580 {
kaf24@3433 581 #ifndef SLOPPY_CHECKING
kaf24@1209 582 case PCI_BASE_ADDRESS_0:
kaf24@1291 583 ret = do_base_address_access(pdev, ACC_WRITE, 0, len, &val);
kaf24@1291 584 break;
kaf24@1291 585
kaf24@1209 586 case PCI_BASE_ADDRESS_1:
kaf24@1291 587 ret = do_base_address_access(pdev, ACC_WRITE, 1, len, &val);
kaf24@1291 588 break;
kaf24@1291 589
kaf24@1209 590 case PCI_BASE_ADDRESS_2:
kaf24@1291 591 ret = do_base_address_access(pdev, ACC_WRITE, 2, len, &val);
kaf24@1291 592 break;
kaf24@1291 593
kaf24@1209 594 case PCI_BASE_ADDRESS_3:
kaf24@1291 595 ret = do_base_address_access(pdev, ACC_WRITE, 3, len, &val);
kaf24@1291 596 break;
kaf24@1291 597
kaf24@1209 598 case PCI_BASE_ADDRESS_4:
kaf24@1291 599 ret = do_base_address_access(pdev, ACC_WRITE, 4, len, &val);
kaf24@1291 600 break;
kaf24@1291 601
kaf24@1209 602 case PCI_BASE_ADDRESS_5:
kaf24@1291 603 ret = do_base_address_access(pdev, ACC_WRITE, 5, len, &val);
kaf24@1209 604 break;
kaf24@1290 605
kaf24@1209 606 case PCI_ROM_ADDRESS:
kaf24@1291 607 ret = do_rom_address_access(pdev, ACC_WRITE, len, &val);
kaf24@1209 608 break;
kaf24@3433 609 #endif
kaf24@1290 610
kaf24@1209 611 default:
kaf24@1290 612 if ( pdev->flags != ACC_WRITE )
kaf24@1209 613 {
kaf24@1291 614 INFO("pci write not allowed %02x:%02x:%02x: "
kaf24@1291 615 "reg=0x%02x len=0x%02x val=0x%08x\n",
kaf24@1291 616 bus, dev, func, reg, len, val);
kaf24@1290 617 ret = -EPERM;
kaf24@1290 618 }
kaf24@1290 619 else
kaf24@1290 620 {
kaf24@1290 621 ret = pci_config_write(0, bus, dev, func, reg, len, val);
kaf24@1291 622 VERBOSE_INFO("pci write: %02x:%02x:%02x reg=0x%02x len=0x%02x "
kaf24@1291 623 "val=0x%08x\n", bus, dev, func, reg, len, val);
kaf24@1209 624 }
kaf24@1209 625 break;
kaf24@1209 626 }
kaf24@1209 627
kaf24@1209 628 return ret;
kaf24@1209 629 }
kaf24@1209 630
kaf24@1247 631
kaf24@1290 632 static long pci_probe_root_buses(u32 *busmask)
kaf24@1290 633 {
kaf24@1290 634 phys_dev_t *pdev;
kaf24@1209 635
kaf24@1290 636 memset(busmask, 0, 256/8);
kaf24@1209 637
kaf24@3571 638 list_for_each_entry ( pdev, &current->domain->pcidev_list, node )
kaf24@1290 639 set_bit(pdev->dev->bus->number, busmask);
kaf24@1209 640
kaf24@1209 641 return 0;
kaf24@1209 642 }
kaf24@1209 643
kaf24@1209 644
kaf24@1209 645 /*
kaf24@1290 646 * Demuxing hypercall.
kaf24@1209 647 */
kaf24@1211 648 long do_physdev_op(physdev_op_t *uop)
kaf24@1209 649 {
kaf24@1410 650 phys_dev_t *pdev;
kaf24@1211 651 physdev_op_t op;
kaf24@1410 652 long ret;
kaf24@1410 653 int irq;
kaf24@1209 654
kaf24@1209 655 if ( unlikely(copy_from_user(&op, uop, sizeof(op)) != 0) )
kaf24@1209 656 return -EFAULT;
kaf24@1209 657
kaf24@1209 658 switch ( op.cmd )
kaf24@1209 659 {
kaf24@1290 660 case PHYSDEVOP_PCI_CFGREG_READ:
kaf24@1290 661 ret = pci_cfgreg_read(op.u.pci_cfgreg_read.bus,
kaf24@1290 662 op.u.pci_cfgreg_read.dev,
kaf24@1290 663 op.u.pci_cfgreg_read.func,
kaf24@1290 664 op.u.pci_cfgreg_read.reg,
kaf24@1290 665 op.u.pci_cfgreg_read.len,
kaf24@1290 666 &op.u.pci_cfgreg_read.value);
kaf24@1209 667 break;
kaf24@1209 668
kaf24@1290 669 case PHYSDEVOP_PCI_CFGREG_WRITE:
kaf24@1290 670 ret = pci_cfgreg_write(op.u.pci_cfgreg_write.bus,
kaf24@1290 671 op.u.pci_cfgreg_write.dev,
kaf24@1290 672 op.u.pci_cfgreg_write.func,
kaf24@1290 673 op.u.pci_cfgreg_write.reg,
kaf24@1290 674 op.u.pci_cfgreg_write.len,
kaf24@1290 675 op.u.pci_cfgreg_write.value);
kaf24@1209 676 break;
kaf24@1209 677
kaf24@1290 678 case PHYSDEVOP_PCI_INITIALISE_DEVICE:
cl349@2957 679 if ( (ret = check_dev_acc(current->domain,
kaf24@1290 680 op.u.pci_initialise_device.bus,
kaf24@1290 681 op.u.pci_initialise_device.dev,
kaf24@1290 682 op.u.pci_initialise_device.func,
kaf24@1290 683 &pdev)) == 0 )
kaf24@1290 684 pcibios_enable_irq(pdev->dev);
kaf24@1290 685 break;
kaf24@1290 686
kaf24@1290 687 case PHYSDEVOP_PCI_PROBE_ROOT_BUSES:
kaf24@1290 688 ret = pci_probe_root_buses(op.u.pci_probe_root_buses.busmask);
kaf24@1209 689 break;
kaf24@1209 690
kaf24@1410 691 case PHYSDEVOP_IRQ_UNMASK_NOTIFY:
cl349@2957 692 ret = pirq_guest_unmask(current->domain);
kaf24@1209 693 break;
kaf24@1209 694
kaf24@1410 695 case PHYSDEVOP_IRQ_STATUS_QUERY:
kaf24@1410 696 irq = op.u.irq_status_query.irq;
kaf24@1410 697 ret = -EINVAL;
kaf24@1410 698 if ( (irq < 0) || (irq >= NR_IRQS) )
kaf24@1410 699 break;
kaf24@1410 700 op.u.irq_status_query.flags = 0;
kaf24@1410 701 /* Edge-triggered interrupts don't need an explicit unmask downcall. */
kaf24@1410 702 if ( strstr(irq_desc[irq].handler->typename, "edge") == NULL )
kaf24@1410 703 op.u.irq_status_query.flags |= PHYSDEVOP_IRQ_NEEDS_UNMASK_NOTIFY;
kaf24@1410 704 ret = 0;
kaf24@1410 705 break;
kaf24@1410 706
kaf24@1209 707 default:
kaf24@1209 708 ret = -EINVAL;
kaf24@1209 709 break;
kaf24@1209 710 }
kaf24@1209 711
kaf24@1209 712 copy_to_user(uop, &op, sizeof(op));
kaf24@1209 713 return ret;
kaf24@1209 714 }
kaf24@1209 715
kaf24@3372 716 /* opt_physdev_dom0_hide: list of PCI slots to hide from domain 0. */
kaf24@3372 717 /* Format is '(%02x:%02x.%1x)(%02x:%02x.%1x)' and so on. */
kaf24@3372 718 static char opt_physdev_dom0_hide[200] = "";
kaf24@3372 719 string_param("physdev_dom0_hide", opt_physdev_dom0_hide);
kaf24@3372 720
mwilli2@1365 721 /* Test if boot params specify this device should NOT be visible to DOM0
mwilli2@1365 722 * (e.g. so that another domain can control it instead) */
mwilli2@1365 723 int pcidev_dom0_hidden(struct pci_dev *dev)
mwilli2@1365 724 {
mwilli2@1365 725 char cmp[10] = "(.......)";
mwilli2@1365 726
mwilli2@1365 727 strncpy(&cmp[1], dev->slot_name, 7);
mwilli2@1365 728
mwilli2@1365 729 if ( strstr(opt_physdev_dom0_hide, dev->slot_name) == NULL )
mwilli2@1365 730 return 0;
mwilli2@1365 731
mwilli2@1365 732 return 1;
mwilli2@1365 733 }
mwilli2@1365 734
kaf24@1209 735
kaf24@1290 736 /* Domain 0 has read access to all devices. */
kaf24@1543 737 void physdev_init_dom0(struct domain *p)
kaf24@1209 738 {
kaf24@1209 739 struct pci_dev *dev;
kaf24@1209 740 phys_dev_t *pdev;
kaf24@1209 741
kaf24@1291 742 INFO("Give DOM0 read access to all PCI devices\n");
kaf24@1209 743
kaf24@1209 744 pci_for_each_dev(dev)
kaf24@1209 745 {
kaf24@1584 746 if ( pcidev_dom0_hidden(dev) )
mwilli2@1365 747 {
kaf24@1584 748 printk("Hiding PCI device %s from DOM0\n", dev->slot_name);
kaf24@1584 749 continue;
mwilli2@1365 750 }
kaf24@1584 751
cl349@2145 752 /* Skip bridges and other peculiarities for now.
cl349@2145 753 *
cl349@2145 754 * Note that this can prevent the guest from detecting devices
cl349@2145 755 * with fn>0 on slots where the fn=0 device is a bridge. We
cl349@2145 756 * can identify such slots by looking at the multifunction bit
cl349@2145 757 * (top bit of hdr_type, masked out in dev->hdr_type).
cl349@2145 758 *
cl349@2145 759 * In Linux2.4 we find all devices because the detection code
cl349@2145 760 * scans all functions if the read of the fn=0 device's header
cl349@2145 761 * type fails.
cl349@2145 762 *
cl349@2145 763 * In Linux2.6 we set pcibios_scan_all_fns().
cl349@2145 764 */
kaf24@3306 765 if ( (dev->hdr_type != PCI_HEADER_TYPE_NORMAL) &&
kaf24@3306 766 (dev->hdr_type != PCI_HEADER_TYPE_CARDBUS) )
kaf24@1584 767 continue;
iap10@3650 768 pdev = xmalloc(phys_dev_t);
kaf24@1584 769 pdev->dev = dev;
kaf24@1584 770 pdev->flags = ACC_WRITE;
kaf24@1584 771 pdev->state = 0;
kaf24@1584 772 pdev->owner = p;
kaf24@1584 773 list_add(&pdev->node, &p->pcidev_list);
mwilli2@1365 774 }
mwilli2@1377 775
cl349@2957 776 set_bit(DF_PHYSDEV, &p->d_flags);
kaf24@1209 777 }
mwilli2@1365 778