1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (c) 2021, NVIDIA CORPORATION & AFFILIATES. All rights reserved
4 *
5 * Copyright (C) 2012 Red Hat, Inc. All rights reserved.
6 * Author: Alex Williamson <alex.williamson@redhat.com>
7 *
8 * Derived from original vfio:
9 * Copyright 2010 Cisco Systems, Inc. All rights reserved.
10 * Author: Tom Lyon, pugs@cisco.com
11 */
12
13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15 #include <linux/device.h>
16 #include <linux/eventfd.h>
17 #include <linux/file.h>
18 #include <linux/interrupt.h>
19 #include <linux/iommu.h>
20 #include <linux/module.h>
21 #include <linux/mutex.h>
22 #include <linux/notifier.h>
23 #include <linux/pm_runtime.h>
24 #include <linux/slab.h>
25 #include <linux/types.h>
26 #include <linux/uaccess.h>
27
28 #include "vfio_pci_priv.h"
29
30 #define DRIVER_AUTHOR "Alex Williamson <alex.williamson@redhat.com>"
31 #define DRIVER_DESC "VFIO PCI - User Level meta-driver"
32
33 static char ids[1024] __initdata;
34 module_param_string(ids, ids, sizeof(ids), 0);
35 MODULE_PARM_DESC(ids, "Initial PCI IDs to add to the vfio driver, format is \"vendor:device[:subvendor[:subdevice[:class[:class_mask]]]]\" and multiple comma separated entries can be specified");
36
37 static bool nointxmask;
38 module_param_named(nointxmask, nointxmask, bool, S_IRUGO | S_IWUSR);
39 MODULE_PARM_DESC(nointxmask,
40 "Disable support for PCI 2.3 style INTx masking. If this resolves problems for specific devices, report lspci -vvvxxx to linux-pci@vger.kernel.org so the device can be fixed automatically via the broken_intx_masking flag.");
41
42 #ifdef CONFIG_VFIO_PCI_VGA
43 static bool disable_vga;
44 module_param(disable_vga, bool, S_IRUGO);
45 MODULE_PARM_DESC(disable_vga, "Disable VGA resource access through vfio-pci");
46 #endif
47
48 static bool disable_idle_d3;
49 module_param(disable_idle_d3, bool, S_IRUGO | S_IWUSR);
50 MODULE_PARM_DESC(disable_idle_d3,
51 "Disable using the PCI D3 low power state for idle, unused devices");
52
53 static bool enable_sriov;
54 #ifdef CONFIG_PCI_IOV
55 module_param(enable_sriov, bool, 0644);
56 MODULE_PARM_DESC(enable_sriov, "Enable support for SR-IOV configuration. Enabling SR-IOV on a PF typically requires support of the userspace PF driver, enabling VFs without such support may result in non-functional VFs or PF.");
57 #endif
58
59 static bool disable_denylist;
60 module_param(disable_denylist, bool, 0444);
61 MODULE_PARM_DESC(disable_denylist, "Disable use of device denylist. Disabling the denylist allows binding to devices with known errata that may lead to exploitable stability or security issues when accessed by untrusted users.");
62
vfio_pci_dev_in_denylist(struct pci_dev * pdev)63 static bool vfio_pci_dev_in_denylist(struct pci_dev *pdev)
64 {
65 switch (pdev->vendor) {
66 case PCI_VENDOR_ID_INTEL:
67 switch (pdev->device) {
68 case PCI_DEVICE_ID_INTEL_QAT_C3XXX:
69 case PCI_DEVICE_ID_INTEL_QAT_C3XXX_VF:
70 case PCI_DEVICE_ID_INTEL_QAT_C62X:
71 case PCI_DEVICE_ID_INTEL_QAT_C62X_VF:
72 case PCI_DEVICE_ID_INTEL_QAT_DH895XCC:
73 case PCI_DEVICE_ID_INTEL_QAT_DH895XCC_VF:
74 case PCI_DEVICE_ID_INTEL_DSA_SPR0:
75 case PCI_DEVICE_ID_INTEL_IAX_SPR0:
76 return true;
77 default:
78 return false;
79 }
80 }
81
82 return false;
83 }
84
vfio_pci_is_denylisted(struct pci_dev * pdev)85 static bool vfio_pci_is_denylisted(struct pci_dev *pdev)
86 {
87 if (!vfio_pci_dev_in_denylist(pdev))
88 return false;
89
90 if (disable_denylist) {
91 pci_warn(pdev,
92 "device denylist disabled - allowing device %04x:%04x.\n",
93 pdev->vendor, pdev->device);
94 return false;
95 }
96
97 pci_warn(pdev, "%04x:%04x exists in vfio-pci device denylist, driver probing disallowed.\n",
98 pdev->vendor, pdev->device);
99
100 return true;
101 }
102
vfio_pci_open_device(struct vfio_device * core_vdev)103 static int vfio_pci_open_device(struct vfio_device *core_vdev)
104 {
105 struct vfio_pci_core_device *vdev =
106 container_of(core_vdev, struct vfio_pci_core_device, vdev);
107 struct pci_dev *pdev = vdev->pdev;
108 int ret;
109
110 ret = vfio_pci_core_enable(vdev);
111 if (ret)
112 return ret;
113
114 if (vfio_pci_is_intel_display(pdev)) {
115 ret = vfio_pci_igd_init(vdev);
116 if (ret && ret != -ENODEV) {
117 pci_warn(pdev, "Failed to setup Intel IGD regions\n");
118 vfio_pci_core_disable(vdev);
119 return ret;
120 }
121 }
122
123 vfio_pci_core_finish_enable(vdev);
124
125 return 0;
126 }
127
128 static const struct vfio_device_ops vfio_pci_ops = {
129 .name = "vfio-pci",
130 .init = vfio_pci_core_init_dev,
131 .release = vfio_pci_core_release_dev,
132 .open_device = vfio_pci_open_device,
133 .close_device = vfio_pci_core_close_device,
134 .ioctl = vfio_pci_core_ioctl,
135 .get_region_info_caps = vfio_pci_ioctl_get_region_info,
136 .device_feature = vfio_pci_core_ioctl_feature,
137 .read = vfio_pci_core_read,
138 .write = vfio_pci_core_write,
139 .mmap = vfio_pci_core_mmap,
140 .request = vfio_pci_core_request,
141 .match = vfio_pci_core_match,
142 .match_token_uuid = vfio_pci_core_match_token_uuid,
143 .bind_iommufd = vfio_iommufd_physical_bind,
144 .unbind_iommufd = vfio_iommufd_physical_unbind,
145 .attach_ioas = vfio_iommufd_physical_attach_ioas,
146 .detach_ioas = vfio_iommufd_physical_detach_ioas,
147 .pasid_attach_ioas = vfio_iommufd_physical_pasid_attach_ioas,
148 .pasid_detach_ioas = vfio_iommufd_physical_pasid_detach_ioas,
149 };
150
151 static const struct vfio_pci_device_ops vfio_pci_dev_ops = {
152 .get_dmabuf_phys = vfio_pci_core_get_dmabuf_phys,
153 };
154
vfio_pci_probe(struct pci_dev * pdev,const struct pci_device_id * id)155 static int vfio_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
156 {
157 struct vfio_pci_core_device *vdev;
158 int ret;
159
160 if (vfio_pci_is_denylisted(pdev))
161 return -EINVAL;
162
163 vdev = vfio_alloc_device(vfio_pci_core_device, vdev, &pdev->dev,
164 &vfio_pci_ops);
165 if (IS_ERR(vdev))
166 return PTR_ERR(vdev);
167
168 dev_set_drvdata(&pdev->dev, vdev);
169 vdev->pci_ops = &vfio_pci_dev_ops;
170 ret = vfio_pci_core_register_device(vdev);
171 if (ret)
172 goto out_put_vdev;
173 return 0;
174
175 out_put_vdev:
176 vfio_put_device(&vdev->vdev);
177 return ret;
178 }
179
vfio_pci_remove(struct pci_dev * pdev)180 static void vfio_pci_remove(struct pci_dev *pdev)
181 {
182 struct vfio_pci_core_device *vdev = dev_get_drvdata(&pdev->dev);
183
184 vfio_pci_core_unregister_device(vdev);
185 vfio_put_device(&vdev->vdev);
186 }
187
vfio_pci_sriov_configure(struct pci_dev * pdev,int nr_virtfn)188 static int vfio_pci_sriov_configure(struct pci_dev *pdev, int nr_virtfn)
189 {
190 struct vfio_pci_core_device *vdev = dev_get_drvdata(&pdev->dev);
191
192 if (!enable_sriov)
193 return -ENOENT;
194
195 return vfio_pci_core_sriov_configure(vdev, nr_virtfn);
196 }
197
198 static const struct pci_device_id vfio_pci_table[] = {
199 { PCI_DRIVER_OVERRIDE_DEVICE_VFIO(PCI_ANY_ID, PCI_ANY_ID) }, /* match all by default */
200 {}
201 };
202
203 MODULE_DEVICE_TABLE(pci, vfio_pci_table);
204
205 static struct pci_driver vfio_pci_driver = {
206 .name = "vfio-pci",
207 .id_table = vfio_pci_table,
208 .probe = vfio_pci_probe,
209 .remove = vfio_pci_remove,
210 .sriov_configure = vfio_pci_sriov_configure,
211 .err_handler = &vfio_pci_core_err_handlers,
212 .driver_managed_dma = true,
213 };
214
vfio_pci_fill_ids(void)215 static void __init vfio_pci_fill_ids(void)
216 {
217 char *p, *id;
218 int rc;
219
220 /* no ids passed actually */
221 if (ids[0] == '\0')
222 return;
223
224 /* add ids specified in the module parameter */
225 p = ids;
226 while ((id = strsep(&p, ","))) {
227 unsigned int vendor, device, subvendor = PCI_ANY_ID,
228 subdevice = PCI_ANY_ID, class = 0, class_mask = 0;
229 int fields;
230
231 if (!strlen(id))
232 continue;
233
234 fields = sscanf(id, "%x:%x:%x:%x:%x:%x",
235 &vendor, &device, &subvendor, &subdevice,
236 &class, &class_mask);
237
238 if (fields < 2) {
239 pr_warn("invalid id string \"%s\"\n", id);
240 continue;
241 }
242
243 rc = pci_add_dynid(&vfio_pci_driver, vendor, device,
244 subvendor, subdevice, class, class_mask, 0);
245 if (rc)
246 pr_warn("failed to add dynamic id [%04x:%04x[%04x:%04x]] class %#08x/%08x (%d)\n",
247 vendor, device, subvendor, subdevice,
248 class, class_mask, rc);
249 else
250 pr_info("add [%04x:%04x[%04x:%04x]] class %#08x/%08x\n",
251 vendor, device, subvendor, subdevice,
252 class, class_mask);
253 }
254 }
255
vfio_pci_init(void)256 static int __init vfio_pci_init(void)
257 {
258 int ret;
259 bool is_disable_vga = true;
260
261 #ifdef CONFIG_VFIO_PCI_VGA
262 is_disable_vga = disable_vga;
263 #endif
264
265 vfio_pci_core_set_params(nointxmask, is_disable_vga, disable_idle_d3);
266
267 /* Register and scan for devices */
268 ret = pci_register_driver(&vfio_pci_driver);
269 if (ret)
270 return ret;
271
272 vfio_pci_fill_ids();
273
274 if (disable_denylist)
275 pr_warn("device denylist disabled.\n");
276
277 return 0;
278 }
279 module_init(vfio_pci_init);
280
vfio_pci_cleanup(void)281 static void __exit vfio_pci_cleanup(void)
282 {
283 pci_unregister_driver(&vfio_pci_driver);
284 }
285 module_exit(vfio_pci_cleanup);
286
287 MODULE_LICENSE("GPL v2");
288 MODULE_AUTHOR(DRIVER_AUTHOR);
289 MODULE_DESCRIPTION(DRIVER_DESC);
290