1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * PCI VPD support 4 * 5 * Copyright (C) 2010 Broadcom Corporation. 6 */ 7 8 #include <linux/pci.h> 9 #include <linux/delay.h> 10 #include <linux/export.h> 11 #include <linux/sched/signal.h> 12 #include "pci.h" 13 14 /* VPD access through PCI 2.2+ VPD capability */ 15 16 struct pci_vpd_ops { 17 ssize_t (*read)(struct pci_dev *dev, loff_t pos, size_t count, void *buf); 18 ssize_t (*write)(struct pci_dev *dev, loff_t pos, size_t count, const void *buf); 19 int (*set_size)(struct pci_dev *dev, size_t len); 20 }; 21 22 struct pci_vpd { 23 const struct pci_vpd_ops *ops; 24 struct bin_attribute *attr; /* Descriptor for sysfs VPD entry */ 25 struct mutex lock; 26 unsigned int len; 27 u16 flag; 28 u8 cap; 29 unsigned int busy:1; 30 unsigned int valid:1; 31 }; 32 33 /** 34 * pci_read_vpd - Read one entry from Vital Product Data 35 * @dev: pci device struct 36 * @pos: offset in vpd space 37 * @count: number of bytes to read 38 * @buf: pointer to where to store result 39 */ 40 ssize_t pci_read_vpd(struct pci_dev *dev, loff_t pos, size_t count, void *buf) 41 { 42 if (!dev->vpd || !dev->vpd->ops) 43 return -ENODEV; 44 return dev->vpd->ops->read(dev, pos, count, buf); 45 } 46 EXPORT_SYMBOL(pci_read_vpd); 47 48 /** 49 * pci_write_vpd - Write entry to Vital Product Data 50 * @dev: pci device struct 51 * @pos: offset in vpd space 52 * @count: number of bytes to write 53 * @buf: buffer containing write data 54 */ 55 ssize_t pci_write_vpd(struct pci_dev *dev, loff_t pos, size_t count, const void *buf) 56 { 57 if (!dev->vpd || !dev->vpd->ops) 58 return -ENODEV; 59 return dev->vpd->ops->write(dev, pos, count, buf); 60 } 61 EXPORT_SYMBOL(pci_write_vpd); 62 63 /** 64 * pci_set_vpd_size - Set size of Vital Product Data space 65 * @dev: pci device struct 66 * @len: size of vpd space 67 */ 68 int pci_set_vpd_size(struct pci_dev *dev, size_t len) 69 { 70 if (!dev->vpd || !dev->vpd->ops) 71 return -ENODEV; 72 return dev->vpd->ops->set_size(dev, len); 73 } 74 EXPORT_SYMBOL(pci_set_vpd_size); 75 76 #define PCI_VPD_MAX_SIZE (PCI_VPD_ADDR_MASK + 1) 77 78 /** 79 * pci_vpd_size - determine actual size of Vital Product Data 80 * @dev: pci device struct 81 * @old_size: current assumed size, also maximum allowed size 82 */ 83 static size_t pci_vpd_size(struct pci_dev *dev, size_t old_size) 84 { 85 size_t off = 0; 86 unsigned char header[1+2]; /* 1 byte tag, 2 bytes length */ 87 88 while (off < old_size && 89 pci_read_vpd(dev, off, 1, header) == 1) { 90 unsigned char tag; 91 92 if (header[0] & PCI_VPD_LRDT) { 93 /* Large Resource Data Type Tag */ 94 tag = pci_vpd_lrdt_tag(header); 95 /* Only read length from known tag items */ 96 if ((tag == PCI_VPD_LTIN_ID_STRING) || 97 (tag == PCI_VPD_LTIN_RO_DATA) || 98 (tag == PCI_VPD_LTIN_RW_DATA)) { 99 if (pci_read_vpd(dev, off+1, 2, 100 &header[1]) != 2) { 101 pci_warn(dev, "invalid large VPD tag %02x size at offset %zu", 102 tag, off + 1); 103 return 0; 104 } 105 off += PCI_VPD_LRDT_TAG_SIZE + 106 pci_vpd_lrdt_size(header); 107 } 108 } else { 109 /* Short Resource Data Type Tag */ 110 off += PCI_VPD_SRDT_TAG_SIZE + 111 pci_vpd_srdt_size(header); 112 tag = pci_vpd_srdt_tag(header); 113 } 114 115 if (tag == PCI_VPD_STIN_END) /* End tag descriptor */ 116 return off; 117 118 if ((tag != PCI_VPD_LTIN_ID_STRING) && 119 (tag != PCI_VPD_LTIN_RO_DATA) && 120 (tag != PCI_VPD_LTIN_RW_DATA)) { 121 pci_warn(dev, "invalid %s VPD tag %02x at offset %zu", 122 (header[0] & PCI_VPD_LRDT) ? "large" : "short", 123 tag, off); 124 return 0; 125 } 126 } 127 return 0; 128 } 129 130 /* 131 * Wait for last operation to complete. 132 * This code has to spin since there is no other notification from the PCI 133 * hardware. Since the VPD is often implemented by serial attachment to an 134 * EEPROM, it may take many milliseconds to complete. 135 * 136 * Returns 0 on success, negative values indicate error. 137 */ 138 static int pci_vpd_wait(struct pci_dev *dev) 139 { 140 struct pci_vpd *vpd = dev->vpd; 141 unsigned long timeout = jiffies + msecs_to_jiffies(125); 142 unsigned long max_sleep = 16; 143 u16 status; 144 int ret; 145 146 if (!vpd->busy) 147 return 0; 148 149 while (time_before(jiffies, timeout)) { 150 ret = pci_user_read_config_word(dev, vpd->cap + PCI_VPD_ADDR, 151 &status); 152 if (ret < 0) 153 return ret; 154 155 if ((status & PCI_VPD_ADDR_F) == vpd->flag) { 156 vpd->busy = 0; 157 return 0; 158 } 159 160 if (fatal_signal_pending(current)) 161 return -EINTR; 162 163 usleep_range(10, max_sleep); 164 if (max_sleep < 1024) 165 max_sleep *= 2; 166 } 167 168 pci_warn(dev, "VPD access failed. This is likely a firmware bug on this device. Contact the card vendor for a firmware update\n"); 169 return -ETIMEDOUT; 170 } 171 172 static ssize_t pci_vpd_read(struct pci_dev *dev, loff_t pos, size_t count, 173 void *arg) 174 { 175 struct pci_vpd *vpd = dev->vpd; 176 int ret; 177 loff_t end = pos + count; 178 u8 *buf = arg; 179 180 if (pos < 0) 181 return -EINVAL; 182 183 if (!vpd->valid) { 184 vpd->valid = 1; 185 vpd->len = pci_vpd_size(dev, vpd->len); 186 } 187 188 if (vpd->len == 0) 189 return -EIO; 190 191 if (pos > vpd->len) 192 return 0; 193 194 if (end > vpd->len) { 195 end = vpd->len; 196 count = end - pos; 197 } 198 199 if (mutex_lock_killable(&vpd->lock)) 200 return -EINTR; 201 202 ret = pci_vpd_wait(dev); 203 if (ret < 0) 204 goto out; 205 206 while (pos < end) { 207 u32 val; 208 unsigned int i, skip; 209 210 ret = pci_user_write_config_word(dev, vpd->cap + PCI_VPD_ADDR, 211 pos & ~3); 212 if (ret < 0) 213 break; 214 vpd->busy = 1; 215 vpd->flag = PCI_VPD_ADDR_F; 216 ret = pci_vpd_wait(dev); 217 if (ret < 0) 218 break; 219 220 ret = pci_user_read_config_dword(dev, vpd->cap + PCI_VPD_DATA, &val); 221 if (ret < 0) 222 break; 223 224 skip = pos & 3; 225 for (i = 0; i < sizeof(u32); i++) { 226 if (i >= skip) { 227 *buf++ = val; 228 if (++pos == end) 229 break; 230 } 231 val >>= 8; 232 } 233 } 234 out: 235 mutex_unlock(&vpd->lock); 236 return ret ? ret : count; 237 } 238 239 static ssize_t pci_vpd_write(struct pci_dev *dev, loff_t pos, size_t count, 240 const void *arg) 241 { 242 struct pci_vpd *vpd = dev->vpd; 243 const u8 *buf = arg; 244 loff_t end = pos + count; 245 int ret = 0; 246 247 if (pos < 0 || (pos & 3) || (count & 3)) 248 return -EINVAL; 249 250 if (!vpd->valid) { 251 vpd->valid = 1; 252 vpd->len = pci_vpd_size(dev, vpd->len); 253 } 254 255 if (vpd->len == 0) 256 return -EIO; 257 258 if (end > vpd->len) 259 return -EINVAL; 260 261 if (mutex_lock_killable(&vpd->lock)) 262 return -EINTR; 263 264 ret = pci_vpd_wait(dev); 265 if (ret < 0) 266 goto out; 267 268 while (pos < end) { 269 u32 val; 270 271 val = *buf++; 272 val |= *buf++ << 8; 273 val |= *buf++ << 16; 274 val |= *buf++ << 24; 275 276 ret = pci_user_write_config_dword(dev, vpd->cap + PCI_VPD_DATA, val); 277 if (ret < 0) 278 break; 279 ret = pci_user_write_config_word(dev, vpd->cap + PCI_VPD_ADDR, 280 pos | PCI_VPD_ADDR_F); 281 if (ret < 0) 282 break; 283 284 vpd->busy = 1; 285 vpd->flag = 0; 286 ret = pci_vpd_wait(dev); 287 if (ret < 0) 288 break; 289 290 pos += sizeof(u32); 291 } 292 out: 293 mutex_unlock(&vpd->lock); 294 return ret ? ret : count; 295 } 296 297 static int pci_vpd_set_size(struct pci_dev *dev, size_t len) 298 { 299 struct pci_vpd *vpd = dev->vpd; 300 301 if (len == 0 || len > PCI_VPD_MAX_SIZE) 302 return -EIO; 303 304 vpd->valid = 1; 305 vpd->len = len; 306 307 return 0; 308 } 309 310 static const struct pci_vpd_ops pci_vpd_ops = { 311 .read = pci_vpd_read, 312 .write = pci_vpd_write, 313 .set_size = pci_vpd_set_size, 314 }; 315 316 static ssize_t pci_vpd_f0_read(struct pci_dev *dev, loff_t pos, size_t count, 317 void *arg) 318 { 319 struct pci_dev *tdev = pci_get_slot(dev->bus, 320 PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 321 ssize_t ret; 322 323 if (!tdev) 324 return -ENODEV; 325 326 ret = pci_read_vpd(tdev, pos, count, arg); 327 pci_dev_put(tdev); 328 return ret; 329 } 330 331 static ssize_t pci_vpd_f0_write(struct pci_dev *dev, loff_t pos, size_t count, 332 const void *arg) 333 { 334 struct pci_dev *tdev = pci_get_slot(dev->bus, 335 PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 336 ssize_t ret; 337 338 if (!tdev) 339 return -ENODEV; 340 341 ret = pci_write_vpd(tdev, pos, count, arg); 342 pci_dev_put(tdev); 343 return ret; 344 } 345 346 static int pci_vpd_f0_set_size(struct pci_dev *dev, size_t len) 347 { 348 struct pci_dev *tdev = pci_get_slot(dev->bus, 349 PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 350 int ret; 351 352 if (!tdev) 353 return -ENODEV; 354 355 ret = pci_set_vpd_size(tdev, len); 356 pci_dev_put(tdev); 357 return ret; 358 } 359 360 static const struct pci_vpd_ops pci_vpd_f0_ops = { 361 .read = pci_vpd_f0_read, 362 .write = pci_vpd_f0_write, 363 .set_size = pci_vpd_f0_set_size, 364 }; 365 366 int pci_vpd_init(struct pci_dev *dev) 367 { 368 struct pci_vpd *vpd; 369 u8 cap; 370 371 cap = pci_find_capability(dev, PCI_CAP_ID_VPD); 372 if (!cap) 373 return -ENODEV; 374 375 vpd = kzalloc(sizeof(*vpd), GFP_ATOMIC); 376 if (!vpd) 377 return -ENOMEM; 378 379 vpd->len = PCI_VPD_MAX_SIZE; 380 if (dev->dev_flags & PCI_DEV_FLAGS_VPD_REF_F0) 381 vpd->ops = &pci_vpd_f0_ops; 382 else 383 vpd->ops = &pci_vpd_ops; 384 mutex_init(&vpd->lock); 385 vpd->cap = cap; 386 vpd->busy = 0; 387 vpd->valid = 0; 388 dev->vpd = vpd; 389 return 0; 390 } 391 392 void pci_vpd_release(struct pci_dev *dev) 393 { 394 kfree(dev->vpd); 395 } 396 397 static ssize_t read_vpd_attr(struct file *filp, struct kobject *kobj, 398 struct bin_attribute *bin_attr, char *buf, 399 loff_t off, size_t count) 400 { 401 struct pci_dev *dev = to_pci_dev(kobj_to_dev(kobj)); 402 403 if (bin_attr->size > 0) { 404 if (off > bin_attr->size) 405 count = 0; 406 else if (count > bin_attr->size - off) 407 count = bin_attr->size - off; 408 } 409 410 return pci_read_vpd(dev, off, count, buf); 411 } 412 413 static ssize_t write_vpd_attr(struct file *filp, struct kobject *kobj, 414 struct bin_attribute *bin_attr, char *buf, 415 loff_t off, size_t count) 416 { 417 struct pci_dev *dev = to_pci_dev(kobj_to_dev(kobj)); 418 419 if (bin_attr->size > 0) { 420 if (off > bin_attr->size) 421 count = 0; 422 else if (count > bin_attr->size - off) 423 count = bin_attr->size - off; 424 } 425 426 return pci_write_vpd(dev, off, count, buf); 427 } 428 429 void pcie_vpd_create_sysfs_dev_files(struct pci_dev *dev) 430 { 431 int retval; 432 struct bin_attribute *attr; 433 434 if (!dev->vpd) 435 return; 436 437 attr = kzalloc(sizeof(*attr), GFP_ATOMIC); 438 if (!attr) 439 return; 440 441 sysfs_bin_attr_init(attr); 442 attr->size = 0; 443 attr->attr.name = "vpd"; 444 attr->attr.mode = S_IRUSR | S_IWUSR; 445 attr->read = read_vpd_attr; 446 attr->write = write_vpd_attr; 447 retval = sysfs_create_bin_file(&dev->dev.kobj, attr); 448 if (retval) { 449 kfree(attr); 450 return; 451 } 452 453 dev->vpd->attr = attr; 454 } 455 456 void pcie_vpd_remove_sysfs_dev_files(struct pci_dev *dev) 457 { 458 if (dev->vpd && dev->vpd->attr) { 459 sysfs_remove_bin_file(&dev->dev.kobj, dev->vpd->attr); 460 kfree(dev->vpd->attr); 461 } 462 } 463 464 int pci_vpd_find_tag(const u8 *buf, unsigned int off, unsigned int len, u8 rdt) 465 { 466 int i; 467 468 for (i = off; i < len; ) { 469 u8 val = buf[i]; 470 471 if (val & PCI_VPD_LRDT) { 472 /* Don't return success of the tag isn't complete */ 473 if (i + PCI_VPD_LRDT_TAG_SIZE > len) 474 break; 475 476 if (val == rdt) 477 return i; 478 479 i += PCI_VPD_LRDT_TAG_SIZE + 480 pci_vpd_lrdt_size(&buf[i]); 481 } else { 482 u8 tag = val & ~PCI_VPD_SRDT_LEN_MASK; 483 484 if (tag == rdt) 485 return i; 486 487 if (tag == PCI_VPD_SRDT_END) 488 break; 489 490 i += PCI_VPD_SRDT_TAG_SIZE + 491 pci_vpd_srdt_size(&buf[i]); 492 } 493 } 494 495 return -ENOENT; 496 } 497 EXPORT_SYMBOL_GPL(pci_vpd_find_tag); 498 499 int pci_vpd_find_info_keyword(const u8 *buf, unsigned int off, 500 unsigned int len, const char *kw) 501 { 502 int i; 503 504 for (i = off; i + PCI_VPD_INFO_FLD_HDR_SIZE <= off + len;) { 505 if (buf[i + 0] == kw[0] && 506 buf[i + 1] == kw[1]) 507 return i; 508 509 i += PCI_VPD_INFO_FLD_HDR_SIZE + 510 pci_vpd_info_field_size(&buf[i]); 511 } 512 513 return -ENOENT; 514 } 515 EXPORT_SYMBOL_GPL(pci_vpd_find_info_keyword); 516 517 #ifdef CONFIG_PCI_QUIRKS 518 /* 519 * Quirk non-zero PCI functions to route VPD access through function 0 for 520 * devices that share VPD resources between functions. The functions are 521 * expected to be identical devices. 522 */ 523 static void quirk_f0_vpd_link(struct pci_dev *dev) 524 { 525 struct pci_dev *f0; 526 527 if (!PCI_FUNC(dev->devfn)) 528 return; 529 530 f0 = pci_get_slot(dev->bus, PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 531 if (!f0) 532 return; 533 534 if (f0->vpd && dev->class == f0->class && 535 dev->vendor == f0->vendor && dev->device == f0->device) 536 dev->dev_flags |= PCI_DEV_FLAGS_VPD_REF_F0; 537 538 pci_dev_put(f0); 539 } 540 DECLARE_PCI_FIXUP_CLASS_EARLY(PCI_VENDOR_ID_INTEL, PCI_ANY_ID, 541 PCI_CLASS_NETWORK_ETHERNET, 8, quirk_f0_vpd_link); 542 543 /* 544 * If a device follows the VPD format spec, the PCI core will not read or 545 * write past the VPD End Tag. But some vendors do not follow the VPD 546 * format spec, so we can't tell how much data is safe to access. Devices 547 * may behave unpredictably if we access too much. Blacklist these devices 548 * so we don't touch VPD at all. 549 */ 550 static void quirk_blacklist_vpd(struct pci_dev *dev) 551 { 552 if (dev->vpd) { 553 dev->vpd->len = 0; 554 pci_warn(dev, FW_BUG "disabling VPD access (can't determine size of non-standard VPD format)\n"); 555 } 556 } 557 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0060, quirk_blacklist_vpd); 558 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x007c, quirk_blacklist_vpd); 559 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0413, quirk_blacklist_vpd); 560 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0078, quirk_blacklist_vpd); 561 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0079, quirk_blacklist_vpd); 562 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0073, quirk_blacklist_vpd); 563 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0071, quirk_blacklist_vpd); 564 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x005b, quirk_blacklist_vpd); 565 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x002f, quirk_blacklist_vpd); 566 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x005d, quirk_blacklist_vpd); 567 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x005f, quirk_blacklist_vpd); 568 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_ATTANSIC, PCI_ANY_ID, 569 quirk_blacklist_vpd); 570 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_QLOGIC, 0x2261, quirk_blacklist_vpd); 571 572 /* 573 * For Broadcom 5706, 5708, 5709 rev. A nics, any read beyond the 574 * VPD end tag will hang the device. This problem was initially 575 * observed when a vpd entry was created in sysfs 576 * ('/sys/bus/pci/devices/<id>/vpd'). A read to this sysfs entry 577 * will dump 32k of data. Reading a full 32k will cause an access 578 * beyond the VPD end tag causing the device to hang. Once the device 579 * is hung, the bnx2 driver will not be able to reset the device. 580 * We believe that it is legal to read beyond the end tag and 581 * therefore the solution is to limit the read/write length. 582 */ 583 static void quirk_brcm_570x_limit_vpd(struct pci_dev *dev) 584 { 585 /* 586 * Only disable the VPD capability for 5706, 5706S, 5708, 587 * 5708S and 5709 rev. A 588 */ 589 if ((dev->device == PCI_DEVICE_ID_NX2_5706) || 590 (dev->device == PCI_DEVICE_ID_NX2_5706S) || 591 (dev->device == PCI_DEVICE_ID_NX2_5708) || 592 (dev->device == PCI_DEVICE_ID_NX2_5708S) || 593 ((dev->device == PCI_DEVICE_ID_NX2_5709) && 594 (dev->revision & 0xf0) == 0x0)) { 595 if (dev->vpd) 596 dev->vpd->len = 0x80; 597 } 598 } 599 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 600 PCI_DEVICE_ID_NX2_5706, 601 quirk_brcm_570x_limit_vpd); 602 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 603 PCI_DEVICE_ID_NX2_5706S, 604 quirk_brcm_570x_limit_vpd); 605 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 606 PCI_DEVICE_ID_NX2_5708, 607 quirk_brcm_570x_limit_vpd); 608 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 609 PCI_DEVICE_ID_NX2_5708S, 610 quirk_brcm_570x_limit_vpd); 611 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 612 PCI_DEVICE_ID_NX2_5709, 613 quirk_brcm_570x_limit_vpd); 614 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 615 PCI_DEVICE_ID_NX2_5709S, 616 quirk_brcm_570x_limit_vpd); 617 618 static void quirk_chelsio_extend_vpd(struct pci_dev *dev) 619 { 620 int chip = (dev->device & 0xf000) >> 12; 621 int func = (dev->device & 0x0f00) >> 8; 622 int prod = (dev->device & 0x00ff) >> 0; 623 624 /* 625 * If this is a T3-based adapter, there's a 1KB VPD area at offset 626 * 0xc00 which contains the preferred VPD values. If this is a T4 or 627 * later based adapter, the special VPD is at offset 0x400 for the 628 * Physical Functions (the SR-IOV Virtual Functions have no VPD 629 * Capabilities). The PCI VPD Access core routines will normally 630 * compute the size of the VPD by parsing the VPD Data Structure at 631 * offset 0x000. This will result in silent failures when attempting 632 * to accesses these other VPD areas which are beyond those computed 633 * limits. 634 */ 635 if (chip == 0x0 && prod >= 0x20) 636 pci_set_vpd_size(dev, 8192); 637 else if (chip >= 0x4 && func < 0x8) 638 pci_set_vpd_size(dev, 2048); 639 } 640 641 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_CHELSIO, PCI_ANY_ID, 642 quirk_chelsio_extend_vpd); 643 644 #endif 645