0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
0014
0015 #include <linux/device.h>
0016 #include <linux/eventfd.h>
0017 #include <linux/file.h>
0018 #include <linux/interrupt.h>
0019 #include <linux/iommu.h>
0020 #include <linux/module.h>
0021 #include <linux/mutex.h>
0022 #include <linux/notifier.h>
0023 #include <linux/pm_runtime.h>
0024 #include <linux/slab.h>
0025 #include <linux/types.h>
0026 #include <linux/uaccess.h>
0027
0028 #include <linux/vfio_pci_core.h>
0029
0030 #define DRIVER_AUTHOR "Alex Williamson <alex.williamson@redhat.com>"
0031 #define DRIVER_DESC "VFIO PCI - User Level meta-driver"
0032
0033 static char ids[1024] __initdata;
0034 module_param_string(ids, ids, sizeof(ids), 0);
0035 MODULE_PARM_DESC(ids, "Initial PCI IDs to add to the vfio driver, format is \"vendor:device[:subvendor[:subdevice[:class[:class_mask]]]]\" and multiple comma separated entries can be specified");
0036
0037 static bool nointxmask;
0038 module_param_named(nointxmask, nointxmask, bool, S_IRUGO | S_IWUSR);
0039 MODULE_PARM_DESC(nointxmask,
0040 "Disable support for PCI 2.3 style INTx masking. If this resolves problems for specific devices, report lspci -vvvxxx to linux-pci@vger.kernel.org so the device can be fixed automatically via the broken_intx_masking flag.");
0041
0042 #ifdef CONFIG_VFIO_PCI_VGA
0043 static bool disable_vga;
0044 module_param(disable_vga, bool, S_IRUGO);
0045 MODULE_PARM_DESC(disable_vga, "Disable VGA resource access through vfio-pci");
0046 #endif
0047
0048 static bool disable_idle_d3;
0049 module_param(disable_idle_d3, bool, S_IRUGO | S_IWUSR);
0050 MODULE_PARM_DESC(disable_idle_d3,
0051 "Disable using the PCI D3 low power state for idle, unused devices");
0052
0053 static bool enable_sriov;
0054 #ifdef CONFIG_PCI_IOV
0055 module_param(enable_sriov, bool, 0644);
0056 MODULE_PARM_DESC(enable_sriov, "Enable support for SR-IOV configuration. Enabling SR-IOV on a PF typically requires support of the userspace PF driver, enabling VFs without such support may result in non-functional VFs or PF.");
0057 #endif
0058
0059 static bool disable_denylist;
0060 module_param(disable_denylist, bool, 0444);
0061 MODULE_PARM_DESC(disable_denylist, "Disable use of device denylist. Disabling the denylist allows binding to devices with known errata that may lead to exploitable stability or security issues when accessed by untrusted users.");
0062
0063 static bool vfio_pci_dev_in_denylist(struct pci_dev *pdev)
0064 {
0065 switch (pdev->vendor) {
0066 case PCI_VENDOR_ID_INTEL:
0067 switch (pdev->device) {
0068 case PCI_DEVICE_ID_INTEL_QAT_C3XXX:
0069 case PCI_DEVICE_ID_INTEL_QAT_C3XXX_VF:
0070 case PCI_DEVICE_ID_INTEL_QAT_C62X:
0071 case PCI_DEVICE_ID_INTEL_QAT_C62X_VF:
0072 case PCI_DEVICE_ID_INTEL_QAT_DH895XCC:
0073 case PCI_DEVICE_ID_INTEL_QAT_DH895XCC_VF:
0074 return true;
0075 default:
0076 return false;
0077 }
0078 }
0079
0080 return false;
0081 }
0082
0083 static bool vfio_pci_is_denylisted(struct pci_dev *pdev)
0084 {
0085 if (!vfio_pci_dev_in_denylist(pdev))
0086 return false;
0087
0088 if (disable_denylist) {
0089 pci_warn(pdev,
0090 "device denylist disabled - allowing device %04x:%04x.\n",
0091 pdev->vendor, pdev->device);
0092 return false;
0093 }
0094
0095 pci_warn(pdev, "%04x:%04x exists in vfio-pci device denylist, driver probing disallowed.\n",
0096 pdev->vendor, pdev->device);
0097
0098 return true;
0099 }
0100
0101 static int vfio_pci_open_device(struct vfio_device *core_vdev)
0102 {
0103 struct vfio_pci_core_device *vdev =
0104 container_of(core_vdev, struct vfio_pci_core_device, vdev);
0105 struct pci_dev *pdev = vdev->pdev;
0106 int ret;
0107
0108 ret = vfio_pci_core_enable(vdev);
0109 if (ret)
0110 return ret;
0111
0112 if (vfio_pci_is_vga(pdev) &&
0113 pdev->vendor == PCI_VENDOR_ID_INTEL &&
0114 IS_ENABLED(CONFIG_VFIO_PCI_IGD)) {
0115 ret = vfio_pci_igd_init(vdev);
0116 if (ret && ret != -ENODEV) {
0117 pci_warn(pdev, "Failed to setup Intel IGD regions\n");
0118 vfio_pci_core_disable(vdev);
0119 return ret;
0120 }
0121 }
0122
0123 vfio_pci_core_finish_enable(vdev);
0124
0125 return 0;
0126 }
0127
0128 static const struct vfio_device_ops vfio_pci_ops = {
0129 .name = "vfio-pci",
0130 .open_device = vfio_pci_open_device,
0131 .close_device = vfio_pci_core_close_device,
0132 .ioctl = vfio_pci_core_ioctl,
0133 .device_feature = vfio_pci_core_ioctl_feature,
0134 .read = vfio_pci_core_read,
0135 .write = vfio_pci_core_write,
0136 .mmap = vfio_pci_core_mmap,
0137 .request = vfio_pci_core_request,
0138 .match = vfio_pci_core_match,
0139 };
0140
0141 static int vfio_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
0142 {
0143 struct vfio_pci_core_device *vdev;
0144 int ret;
0145
0146 if (vfio_pci_is_denylisted(pdev))
0147 return -EINVAL;
0148
0149 vdev = kzalloc(sizeof(*vdev), GFP_KERNEL);
0150 if (!vdev)
0151 return -ENOMEM;
0152 vfio_pci_core_init_device(vdev, pdev, &vfio_pci_ops);
0153
0154 dev_set_drvdata(&pdev->dev, vdev);
0155 ret = vfio_pci_core_register_device(vdev);
0156 if (ret)
0157 goto out_free;
0158 return 0;
0159
0160 out_free:
0161 vfio_pci_core_uninit_device(vdev);
0162 kfree(vdev);
0163 return ret;
0164 }
0165
0166 static void vfio_pci_remove(struct pci_dev *pdev)
0167 {
0168 struct vfio_pci_core_device *vdev = dev_get_drvdata(&pdev->dev);
0169
0170 vfio_pci_core_unregister_device(vdev);
0171 vfio_pci_core_uninit_device(vdev);
0172 kfree(vdev);
0173 }
0174
0175 static int vfio_pci_sriov_configure(struct pci_dev *pdev, int nr_virtfn)
0176 {
0177 struct vfio_pci_core_device *vdev = dev_get_drvdata(&pdev->dev);
0178
0179 if (!enable_sriov)
0180 return -ENOENT;
0181
0182 return vfio_pci_core_sriov_configure(vdev, nr_virtfn);
0183 }
0184
0185 static const struct pci_device_id vfio_pci_table[] = {
0186 { PCI_DRIVER_OVERRIDE_DEVICE_VFIO(PCI_ANY_ID, PCI_ANY_ID) },
0187 {}
0188 };
0189
0190 MODULE_DEVICE_TABLE(pci, vfio_pci_table);
0191
0192 static struct pci_driver vfio_pci_driver = {
0193 .name = "vfio-pci",
0194 .id_table = vfio_pci_table,
0195 .probe = vfio_pci_probe,
0196 .remove = vfio_pci_remove,
0197 .sriov_configure = vfio_pci_sriov_configure,
0198 .err_handler = &vfio_pci_core_err_handlers,
0199 .driver_managed_dma = true,
0200 };
0201
0202 static void __init vfio_pci_fill_ids(void)
0203 {
0204 char *p, *id;
0205 int rc;
0206
0207
0208 if (ids[0] == '\0')
0209 return;
0210
0211
0212 p = ids;
0213 while ((id = strsep(&p, ","))) {
0214 unsigned int vendor, device, subvendor = PCI_ANY_ID,
0215 subdevice = PCI_ANY_ID, class = 0, class_mask = 0;
0216 int fields;
0217
0218 if (!strlen(id))
0219 continue;
0220
0221 fields = sscanf(id, "%x:%x:%x:%x:%x:%x",
0222 &vendor, &device, &subvendor, &subdevice,
0223 &class, &class_mask);
0224
0225 if (fields < 2) {
0226 pr_warn("invalid id string \"%s\"\n", id);
0227 continue;
0228 }
0229
0230 rc = pci_add_dynid(&vfio_pci_driver, vendor, device,
0231 subvendor, subdevice, class, class_mask, 0);
0232 if (rc)
0233 pr_warn("failed to add dynamic id [%04x:%04x[%04x:%04x]] class %#08x/%08x (%d)\n",
0234 vendor, device, subvendor, subdevice,
0235 class, class_mask, rc);
0236 else
0237 pr_info("add [%04x:%04x[%04x:%04x]] class %#08x/%08x\n",
0238 vendor, device, subvendor, subdevice,
0239 class, class_mask);
0240 }
0241 }
0242
0243 static int __init vfio_pci_init(void)
0244 {
0245 int ret;
0246 bool is_disable_vga = true;
0247
0248 #ifdef CONFIG_VFIO_PCI_VGA
0249 is_disable_vga = disable_vga;
0250 #endif
0251
0252 vfio_pci_core_set_params(nointxmask, is_disable_vga, disable_idle_d3);
0253
0254
0255 ret = pci_register_driver(&vfio_pci_driver);
0256 if (ret)
0257 return ret;
0258
0259 vfio_pci_fill_ids();
0260
0261 if (disable_denylist)
0262 pr_warn("device denylist disabled.\n");
0263
0264 return 0;
0265 }
0266 module_init(vfio_pci_init);
0267
0268 static void __exit vfio_pci_cleanup(void)
0269 {
0270 pci_unregister_driver(&vfio_pci_driver);
0271 }
0272 module_exit(vfio_pci_cleanup);
0273
0274 MODULE_LICENSE("GPL v2");
0275 MODULE_AUTHOR(DRIVER_AUTHOR);
0276 MODULE_DESCRIPTION(DRIVER_DESC);
