1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * PCI VPD support 4 * 5 * Copyright (C) 2010 Broadcom Corporation. 6 */ 7 8 #include <linux/pci.h> 9 #include <linux/delay.h> 10 #include <linux/export.h> 11 #include <linux/sched/signal.h> 12 #include "pci.h" 13 14 /* VPD access through PCI 2.2+ VPD capability */ 15 16 struct pci_vpd_ops { 17 ssize_t (*read)(struct pci_dev *dev, loff_t pos, size_t count, void *buf); 18 ssize_t (*write)(struct pci_dev *dev, loff_t pos, size_t count, const void *buf); 19 int (*set_size)(struct pci_dev *dev, size_t len); 20 }; 21 22 struct pci_vpd { 23 const struct pci_vpd_ops *ops; 24 struct bin_attribute *attr; /* Descriptor for sysfs VPD entry */ 25 struct mutex lock; 26 unsigned int len; 27 u16 flag; 28 u8 cap; 29 unsigned int busy:1; 30 unsigned int valid:1; 31 }; 32 33 /** 34 * pci_read_vpd - Read one entry from Vital Product Data 35 * @dev: pci device struct 36 * @pos: offset in vpd space 37 * @count: number of bytes to read 38 * @buf: pointer to where to store result 39 */ 40 ssize_t pci_read_vpd(struct pci_dev *dev, loff_t pos, size_t count, void *buf) 41 { 42 if (!dev->vpd || !dev->vpd->ops) 43 return -ENODEV; 44 return dev->vpd->ops->read(dev, pos, count, buf); 45 } 46 EXPORT_SYMBOL(pci_read_vpd); 47 48 /** 49 * pci_write_vpd - Write entry to Vital Product Data 50 * @dev: pci device struct 51 * @pos: offset in vpd space 52 * @count: number of bytes to write 53 * @buf: buffer containing write data 54 */ 55 ssize_t pci_write_vpd(struct pci_dev *dev, loff_t pos, size_t count, const void *buf) 56 { 57 if (!dev->vpd || !dev->vpd->ops) 58 return -ENODEV; 59 return dev->vpd->ops->write(dev, pos, count, buf); 60 } 61 EXPORT_SYMBOL(pci_write_vpd); 62 63 /** 64 * pci_set_vpd_size - Set size of Vital Product Data space 65 * @dev: pci device struct 66 * @len: size of vpd space 67 */ 68 int pci_set_vpd_size(struct pci_dev *dev, size_t len) 69 { 70 if (!dev->vpd || !dev->vpd->ops) 71 return -ENODEV; 72 return dev->vpd->ops->set_size(dev, len); 73 } 74 EXPORT_SYMBOL(pci_set_vpd_size); 75 76 #define PCI_VPD_MAX_SIZE (PCI_VPD_ADDR_MASK + 1) 77 78 /** 79 * pci_vpd_size - determine actual size of Vital Product Data 80 * @dev: pci device struct 81 * @old_size: current assumed size, also maximum allowed size 82 */ 83 static size_t pci_vpd_size(struct pci_dev *dev, size_t old_size) 84 { 85 size_t off = 0; 86 unsigned char header[1+2]; /* 1 byte tag, 2 bytes length */ 87 88 while (off < old_size && 89 pci_read_vpd(dev, off, 1, header) == 1) { 90 unsigned char tag; 91 92 if (header[0] & PCI_VPD_LRDT) { 93 /* Large Resource Data Type Tag */ 94 tag = pci_vpd_lrdt_tag(header); 95 /* Only read length from known tag items */ 96 if ((tag == PCI_VPD_LTIN_ID_STRING) || 97 (tag == PCI_VPD_LTIN_RO_DATA) || 98 (tag == PCI_VPD_LTIN_RW_DATA)) { 99 if (pci_read_vpd(dev, off+1, 2, 100 &header[1]) != 2) { 101 pci_warn(dev, "invalid large VPD tag %02x size at offset %zu", 102 tag, off + 1); 103 return 0; 104 } 105 off += PCI_VPD_LRDT_TAG_SIZE + 106 pci_vpd_lrdt_size(header); 107 } 108 } else { 109 /* Short Resource Data Type Tag */ 110 off += PCI_VPD_SRDT_TAG_SIZE + 111 pci_vpd_srdt_size(header); 112 tag = pci_vpd_srdt_tag(header); 113 } 114 115 if (tag == PCI_VPD_STIN_END) /* End tag descriptor */ 116 return off; 117 118 if ((tag != PCI_VPD_LTIN_ID_STRING) && 119 (tag != PCI_VPD_LTIN_RO_DATA) && 120 (tag != PCI_VPD_LTIN_RW_DATA)) { 121 pci_warn(dev, "invalid %s VPD tag %02x at offset %zu", 122 (header[0] & PCI_VPD_LRDT) ? "large" : "short", 123 tag, off); 124 return 0; 125 } 126 } 127 return 0; 128 } 129 130 /* 131 * Wait for last operation to complete. 132 * This code has to spin since there is no other notification from the PCI 133 * hardware. Since the VPD is often implemented by serial attachment to an 134 * EEPROM, it may take many milliseconds to complete. 135 * 136 * Returns 0 on success, negative values indicate error. 137 */ 138 static int pci_vpd_wait(struct pci_dev *dev) 139 { 140 struct pci_vpd *vpd = dev->vpd; 141 unsigned long timeout = jiffies + msecs_to_jiffies(125); 142 unsigned long max_sleep = 16; 143 u16 status; 144 int ret; 145 146 if (!vpd->busy) 147 return 0; 148 149 do { 150 ret = pci_user_read_config_word(dev, vpd->cap + PCI_VPD_ADDR, 151 &status); 152 if (ret < 0) 153 return ret; 154 155 if ((status & PCI_VPD_ADDR_F) == vpd->flag) { 156 vpd->busy = 0; 157 return 0; 158 } 159 160 if (fatal_signal_pending(current)) 161 return -EINTR; 162 163 if (time_after(jiffies, timeout)) 164 break; 165 166 usleep_range(10, max_sleep); 167 if (max_sleep < 1024) 168 max_sleep *= 2; 169 } while (true); 170 171 pci_warn(dev, "VPD access failed. This is likely a firmware bug on this device. Contact the card vendor for a firmware update\n"); 172 return -ETIMEDOUT; 173 } 174 175 static ssize_t pci_vpd_read(struct pci_dev *dev, loff_t pos, size_t count, 176 void *arg) 177 { 178 struct pci_vpd *vpd = dev->vpd; 179 int ret; 180 loff_t end = pos + count; 181 u8 *buf = arg; 182 183 if (pos < 0) 184 return -EINVAL; 185 186 if (!vpd->valid) { 187 vpd->valid = 1; 188 vpd->len = pci_vpd_size(dev, vpd->len); 189 } 190 191 if (vpd->len == 0) 192 return -EIO; 193 194 if (pos > vpd->len) 195 return 0; 196 197 if (end > vpd->len) { 198 end = vpd->len; 199 count = end - pos; 200 } 201 202 if (mutex_lock_killable(&vpd->lock)) 203 return -EINTR; 204 205 ret = pci_vpd_wait(dev); 206 if (ret < 0) 207 goto out; 208 209 while (pos < end) { 210 u32 val; 211 unsigned int i, skip; 212 213 ret = pci_user_write_config_word(dev, vpd->cap + PCI_VPD_ADDR, 214 pos & ~3); 215 if (ret < 0) 216 break; 217 vpd->busy = 1; 218 vpd->flag = PCI_VPD_ADDR_F; 219 ret = pci_vpd_wait(dev); 220 if (ret < 0) 221 break; 222 223 ret = pci_user_read_config_dword(dev, vpd->cap + PCI_VPD_DATA, &val); 224 if (ret < 0) 225 break; 226 227 skip = pos & 3; 228 for (i = 0; i < sizeof(u32); i++) { 229 if (i >= skip) { 230 *buf++ = val; 231 if (++pos == end) 232 break; 233 } 234 val >>= 8; 235 } 236 } 237 out: 238 mutex_unlock(&vpd->lock); 239 return ret ? ret : count; 240 } 241 242 static ssize_t pci_vpd_write(struct pci_dev *dev, loff_t pos, size_t count, 243 const void *arg) 244 { 245 struct pci_vpd *vpd = dev->vpd; 246 const u8 *buf = arg; 247 loff_t end = pos + count; 248 int ret = 0; 249 250 if (pos < 0 || (pos & 3) || (count & 3)) 251 return -EINVAL; 252 253 if (!vpd->valid) { 254 vpd->valid = 1; 255 vpd->len = pci_vpd_size(dev, vpd->len); 256 } 257 258 if (vpd->len == 0) 259 return -EIO; 260 261 if (end > vpd->len) 262 return -EINVAL; 263 264 if (mutex_lock_killable(&vpd->lock)) 265 return -EINTR; 266 267 ret = pci_vpd_wait(dev); 268 if (ret < 0) 269 goto out; 270 271 while (pos < end) { 272 u32 val; 273 274 val = *buf++; 275 val |= *buf++ << 8; 276 val |= *buf++ << 16; 277 val |= *buf++ << 24; 278 279 ret = pci_user_write_config_dword(dev, vpd->cap + PCI_VPD_DATA, val); 280 if (ret < 0) 281 break; 282 ret = pci_user_write_config_word(dev, vpd->cap + PCI_VPD_ADDR, 283 pos | PCI_VPD_ADDR_F); 284 if (ret < 0) 285 break; 286 287 vpd->busy = 1; 288 vpd->flag = 0; 289 ret = pci_vpd_wait(dev); 290 if (ret < 0) 291 break; 292 293 pos += sizeof(u32); 294 } 295 out: 296 mutex_unlock(&vpd->lock); 297 return ret ? ret : count; 298 } 299 300 static int pci_vpd_set_size(struct pci_dev *dev, size_t len) 301 { 302 struct pci_vpd *vpd = dev->vpd; 303 304 if (len == 0 || len > PCI_VPD_MAX_SIZE) 305 return -EIO; 306 307 vpd->valid = 1; 308 vpd->len = len; 309 310 return 0; 311 } 312 313 static const struct pci_vpd_ops pci_vpd_ops = { 314 .read = pci_vpd_read, 315 .write = pci_vpd_write, 316 .set_size = pci_vpd_set_size, 317 }; 318 319 static ssize_t pci_vpd_f0_read(struct pci_dev *dev, loff_t pos, size_t count, 320 void *arg) 321 { 322 struct pci_dev *tdev = pci_get_slot(dev->bus, 323 PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 324 ssize_t ret; 325 326 if (!tdev) 327 return -ENODEV; 328 329 ret = pci_read_vpd(tdev, pos, count, arg); 330 pci_dev_put(tdev); 331 return ret; 332 } 333 334 static ssize_t pci_vpd_f0_write(struct pci_dev *dev, loff_t pos, size_t count, 335 const void *arg) 336 { 337 struct pci_dev *tdev = pci_get_slot(dev->bus, 338 PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 339 ssize_t ret; 340 341 if (!tdev) 342 return -ENODEV; 343 344 ret = pci_write_vpd(tdev, pos, count, arg); 345 pci_dev_put(tdev); 346 return ret; 347 } 348 349 static int pci_vpd_f0_set_size(struct pci_dev *dev, size_t len) 350 { 351 struct pci_dev *tdev = pci_get_slot(dev->bus, 352 PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 353 int ret; 354 355 if (!tdev) 356 return -ENODEV; 357 358 ret = pci_set_vpd_size(tdev, len); 359 pci_dev_put(tdev); 360 return ret; 361 } 362 363 static const struct pci_vpd_ops pci_vpd_f0_ops = { 364 .read = pci_vpd_f0_read, 365 .write = pci_vpd_f0_write, 366 .set_size = pci_vpd_f0_set_size, 367 }; 368 369 int pci_vpd_init(struct pci_dev *dev) 370 { 371 struct pci_vpd *vpd; 372 u8 cap; 373 374 cap = pci_find_capability(dev, PCI_CAP_ID_VPD); 375 if (!cap) 376 return -ENODEV; 377 378 vpd = kzalloc(sizeof(*vpd), GFP_ATOMIC); 379 if (!vpd) 380 return -ENOMEM; 381 382 vpd->len = PCI_VPD_MAX_SIZE; 383 if (dev->dev_flags & PCI_DEV_FLAGS_VPD_REF_F0) 384 vpd->ops = &pci_vpd_f0_ops; 385 else 386 vpd->ops = &pci_vpd_ops; 387 mutex_init(&vpd->lock); 388 vpd->cap = cap; 389 vpd->busy = 0; 390 vpd->valid = 0; 391 dev->vpd = vpd; 392 return 0; 393 } 394 395 void pci_vpd_release(struct pci_dev *dev) 396 { 397 kfree(dev->vpd); 398 } 399 400 static ssize_t read_vpd_attr(struct file *filp, struct kobject *kobj, 401 struct bin_attribute *bin_attr, char *buf, 402 loff_t off, size_t count) 403 { 404 struct pci_dev *dev = to_pci_dev(kobj_to_dev(kobj)); 405 406 if (bin_attr->size > 0) { 407 if (off > bin_attr->size) 408 count = 0; 409 else if (count > bin_attr->size - off) 410 count = bin_attr->size - off; 411 } 412 413 return pci_read_vpd(dev, off, count, buf); 414 } 415 416 static ssize_t write_vpd_attr(struct file *filp, struct kobject *kobj, 417 struct bin_attribute *bin_attr, char *buf, 418 loff_t off, size_t count) 419 { 420 struct pci_dev *dev = to_pci_dev(kobj_to_dev(kobj)); 421 422 if (bin_attr->size > 0) { 423 if (off > bin_attr->size) 424 count = 0; 425 else if (count > bin_attr->size - off) 426 count = bin_attr->size - off; 427 } 428 429 return pci_write_vpd(dev, off, count, buf); 430 } 431 432 void pcie_vpd_create_sysfs_dev_files(struct pci_dev *dev) 433 { 434 int retval; 435 struct bin_attribute *attr; 436 437 if (!dev->vpd) 438 return; 439 440 attr = kzalloc(sizeof(*attr), GFP_ATOMIC); 441 if (!attr) 442 return; 443 444 sysfs_bin_attr_init(attr); 445 attr->size = 0; 446 attr->attr.name = "vpd"; 447 attr->attr.mode = S_IRUSR | S_IWUSR; 448 attr->read = read_vpd_attr; 449 attr->write = write_vpd_attr; 450 retval = sysfs_create_bin_file(&dev->dev.kobj, attr); 451 if (retval) { 452 kfree(attr); 453 return; 454 } 455 456 dev->vpd->attr = attr; 457 } 458 459 void pcie_vpd_remove_sysfs_dev_files(struct pci_dev *dev) 460 { 461 if (dev->vpd && dev->vpd->attr) { 462 sysfs_remove_bin_file(&dev->dev.kobj, dev->vpd->attr); 463 kfree(dev->vpd->attr); 464 } 465 } 466 467 int pci_vpd_find_tag(const u8 *buf, unsigned int off, unsigned int len, u8 rdt) 468 { 469 int i; 470 471 for (i = off; i < len; ) { 472 u8 val = buf[i]; 473 474 if (val & PCI_VPD_LRDT) { 475 /* Don't return success of the tag isn't complete */ 476 if (i + PCI_VPD_LRDT_TAG_SIZE > len) 477 break; 478 479 if (val == rdt) 480 return i; 481 482 i += PCI_VPD_LRDT_TAG_SIZE + 483 pci_vpd_lrdt_size(&buf[i]); 484 } else { 485 u8 tag = val & ~PCI_VPD_SRDT_LEN_MASK; 486 487 if (tag == rdt) 488 return i; 489 490 if (tag == PCI_VPD_SRDT_END) 491 break; 492 493 i += PCI_VPD_SRDT_TAG_SIZE + 494 pci_vpd_srdt_size(&buf[i]); 495 } 496 } 497 498 return -ENOENT; 499 } 500 EXPORT_SYMBOL_GPL(pci_vpd_find_tag); 501 502 int pci_vpd_find_info_keyword(const u8 *buf, unsigned int off, 503 unsigned int len, const char *kw) 504 { 505 int i; 506 507 for (i = off; i + PCI_VPD_INFO_FLD_HDR_SIZE <= off + len;) { 508 if (buf[i + 0] == kw[0] && 509 buf[i + 1] == kw[1]) 510 return i; 511 512 i += PCI_VPD_INFO_FLD_HDR_SIZE + 513 pci_vpd_info_field_size(&buf[i]); 514 } 515 516 return -ENOENT; 517 } 518 EXPORT_SYMBOL_GPL(pci_vpd_find_info_keyword); 519 520 #ifdef CONFIG_PCI_QUIRKS 521 /* 522 * Quirk non-zero PCI functions to route VPD access through function 0 for 523 * devices that share VPD resources between functions. The functions are 524 * expected to be identical devices. 525 */ 526 static void quirk_f0_vpd_link(struct pci_dev *dev) 527 { 528 struct pci_dev *f0; 529 530 if (!PCI_FUNC(dev->devfn)) 531 return; 532 533 f0 = pci_get_slot(dev->bus, PCI_DEVFN(PCI_SLOT(dev->devfn), 0)); 534 if (!f0) 535 return; 536 537 if (f0->vpd && dev->class == f0->class && 538 dev->vendor == f0->vendor && dev->device == f0->device) 539 dev->dev_flags |= PCI_DEV_FLAGS_VPD_REF_F0; 540 541 pci_dev_put(f0); 542 } 543 DECLARE_PCI_FIXUP_CLASS_EARLY(PCI_VENDOR_ID_INTEL, PCI_ANY_ID, 544 PCI_CLASS_NETWORK_ETHERNET, 8, quirk_f0_vpd_link); 545 546 /* 547 * If a device follows the VPD format spec, the PCI core will not read or 548 * write past the VPD End Tag. But some vendors do not follow the VPD 549 * format spec, so we can't tell how much data is safe to access. Devices 550 * may behave unpredictably if we access too much. Blacklist these devices 551 * so we don't touch VPD at all. 552 */ 553 static void quirk_blacklist_vpd(struct pci_dev *dev) 554 { 555 if (dev->vpd) { 556 dev->vpd->len = 0; 557 pci_warn(dev, FW_BUG "disabling VPD access (can't determine size of non-standard VPD format)\n"); 558 } 559 } 560 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0060, quirk_blacklist_vpd); 561 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x007c, quirk_blacklist_vpd); 562 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0413, quirk_blacklist_vpd); 563 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0078, quirk_blacklist_vpd); 564 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0079, quirk_blacklist_vpd); 565 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0073, quirk_blacklist_vpd); 566 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x0071, quirk_blacklist_vpd); 567 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x005b, quirk_blacklist_vpd); 568 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x002f, quirk_blacklist_vpd); 569 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x005d, quirk_blacklist_vpd); 570 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_LSI_LOGIC, 0x005f, quirk_blacklist_vpd); 571 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_ATTANSIC, PCI_ANY_ID, 572 quirk_blacklist_vpd); 573 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_QLOGIC, 0x2261, quirk_blacklist_vpd); 574 575 /* 576 * For Broadcom 5706, 5708, 5709 rev. A nics, any read beyond the 577 * VPD end tag will hang the device. This problem was initially 578 * observed when a vpd entry was created in sysfs 579 * ('/sys/bus/pci/devices/<id>/vpd'). A read to this sysfs entry 580 * will dump 32k of data. Reading a full 32k will cause an access 581 * beyond the VPD end tag causing the device to hang. Once the device 582 * is hung, the bnx2 driver will not be able to reset the device. 583 * We believe that it is legal to read beyond the end tag and 584 * therefore the solution is to limit the read/write length. 585 */ 586 static void quirk_brcm_570x_limit_vpd(struct pci_dev *dev) 587 { 588 /* 589 * Only disable the VPD capability for 5706, 5706S, 5708, 590 * 5708S and 5709 rev. A 591 */ 592 if ((dev->device == PCI_DEVICE_ID_NX2_5706) || 593 (dev->device == PCI_DEVICE_ID_NX2_5706S) || 594 (dev->device == PCI_DEVICE_ID_NX2_5708) || 595 (dev->device == PCI_DEVICE_ID_NX2_5708S) || 596 ((dev->device == PCI_DEVICE_ID_NX2_5709) && 597 (dev->revision & 0xf0) == 0x0)) { 598 if (dev->vpd) 599 dev->vpd->len = 0x80; 600 } 601 } 602 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 603 PCI_DEVICE_ID_NX2_5706, 604 quirk_brcm_570x_limit_vpd); 605 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 606 PCI_DEVICE_ID_NX2_5706S, 607 quirk_brcm_570x_limit_vpd); 608 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 609 PCI_DEVICE_ID_NX2_5708, 610 quirk_brcm_570x_limit_vpd); 611 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 612 PCI_DEVICE_ID_NX2_5708S, 613 quirk_brcm_570x_limit_vpd); 614 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 615 PCI_DEVICE_ID_NX2_5709, 616 quirk_brcm_570x_limit_vpd); 617 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_BROADCOM, 618 PCI_DEVICE_ID_NX2_5709S, 619 quirk_brcm_570x_limit_vpd); 620 621 static void quirk_chelsio_extend_vpd(struct pci_dev *dev) 622 { 623 int chip = (dev->device & 0xf000) >> 12; 624 int func = (dev->device & 0x0f00) >> 8; 625 int prod = (dev->device & 0x00ff) >> 0; 626 627 /* 628 * If this is a T3-based adapter, there's a 1KB VPD area at offset 629 * 0xc00 which contains the preferred VPD values. If this is a T4 or 630 * later based adapter, the special VPD is at offset 0x400 for the 631 * Physical Functions (the SR-IOV Virtual Functions have no VPD 632 * Capabilities). The PCI VPD Access core routines will normally 633 * compute the size of the VPD by parsing the VPD Data Structure at 634 * offset 0x000. This will result in silent failures when attempting 635 * to accesses these other VPD areas which are beyond those computed 636 * limits. 637 */ 638 if (chip == 0x0 && prod >= 0x20) 639 pci_set_vpd_size(dev, 8192); 640 else if (chip >= 0x4 && func < 0x8) 641 pci_set_vpd_size(dev, 2048); 642 } 643 644 DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_CHELSIO, PCI_ANY_ID, 645 quirk_chelsio_extend_vpd); 646 647 #endif 648