0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013 #include <linux/init.h>
0014 #include <linux/module.h>
0015 #include <linux/device.h>
0016 #include <linux/kernel.h>
0017 #include <linux/fs.h>
0018 #include <linux/poll.h>
0019 #include <linux/slab.h>
0020 #include <linux/cdev.h>
0021 #include <linux/sched.h>
0022 #include <linux/wait.h>
0023 #include <linux/uuid.h>
0024 #include <linux/vfio.h>
0025 #include <linux/iommu.h>
0026 #include <linux/sysfs.h>
0027 #include <linux/ctype.h>
0028 #include <linux/file.h>
0029 #include <linux/mdev.h>
0030 #include <linux/pci.h>
0031 #include <linux/serial.h>
0032 #include <uapi/linux/serial_reg.h>
0033 #include <linux/eventfd.h>
0034
0035
0036
0037
0038 #define VERSION_STRING "0.1"
0039 #define DRIVER_AUTHOR "NVIDIA Corporation"
0040
0041 #define MTTY_CLASS_NAME "mtty"
0042
0043 #define MTTY_NAME "mtty"
0044
0045 #define MTTY_STRING_LEN 16
0046
0047 #define MTTY_CONFIG_SPACE_SIZE 0xff
0048 #define MTTY_IO_BAR_SIZE 0x8
0049 #define MTTY_MMIO_BAR_SIZE 0x100000
0050
0051 #define STORE_LE16(addr, val) (*(u16 *)addr = val)
0052 #define STORE_LE32(addr, val) (*(u32 *)addr = val)
0053
0054 #define MAX_FIFO_SIZE 16
0055
0056 #define CIRCULAR_BUF_INC_IDX(idx) (idx = (idx + 1) & (MAX_FIFO_SIZE - 1))
0057
0058 #define MTTY_VFIO_PCI_OFFSET_SHIFT 40
0059
0060 #define MTTY_VFIO_PCI_OFFSET_TO_INDEX(off) (off >> MTTY_VFIO_PCI_OFFSET_SHIFT)
0061 #define MTTY_VFIO_PCI_INDEX_TO_OFFSET(index) \
0062 ((u64)(index) << MTTY_VFIO_PCI_OFFSET_SHIFT)
0063 #define MTTY_VFIO_PCI_OFFSET_MASK \
0064 (((u64)(1) << MTTY_VFIO_PCI_OFFSET_SHIFT) - 1)
0065 #define MAX_MTTYS 24
0066
0067
0068
0069
0070
0071 static struct mtty_dev {
0072 dev_t vd_devt;
0073 struct class *vd_class;
0074 struct cdev vd_cdev;
0075 struct idr vd_idr;
0076 struct device dev;
0077 } mtty_dev;
0078
0079 struct mdev_region_info {
0080 u64 start;
0081 u64 phys_start;
0082 u32 size;
0083 u64 vfio_offset;
0084 };
0085
0086 #if defined(DEBUG_REGS)
0087 static const char *wr_reg[] = {
0088 "TX",
0089 "IER",
0090 "FCR",
0091 "LCR",
0092 "MCR",
0093 "LSR",
0094 "MSR",
0095 "SCR"
0096 };
0097
0098 static const char *rd_reg[] = {
0099 "RX",
0100 "IER",
0101 "IIR",
0102 "LCR",
0103 "MCR",
0104 "LSR",
0105 "MSR",
0106 "SCR"
0107 };
0108 #endif
0109
0110
0111 struct rxtx {
0112 u8 fifo[MAX_FIFO_SIZE];
0113 u8 head, tail;
0114 u8 count;
0115 };
0116
0117 struct serial_port {
0118 u8 uart_reg[8];
0119 struct rxtx rxtx;
0120 bool dlab;
0121 bool overrun;
0122 u16 divisor;
0123 u8 fcr;
0124 u8 max_fifo_size;
0125 u8 intr_trigger_level;
0126 };
0127
0128
0129 struct mdev_state {
0130 struct vfio_device vdev;
0131 int irq_fd;
0132 struct eventfd_ctx *intx_evtfd;
0133 struct eventfd_ctx *msi_evtfd;
0134 int irq_index;
0135 u8 *vconfig;
0136 struct mutex ops_lock;
0137 struct mdev_device *mdev;
0138 struct mdev_region_info region_info[VFIO_PCI_NUM_REGIONS];
0139 u32 bar_mask[VFIO_PCI_NUM_REGIONS];
0140 struct list_head next;
0141 struct serial_port s[2];
0142 struct mutex rxtx_lock;
0143 struct vfio_device_info dev_info;
0144 int nr_ports;
0145 };
0146
0147 static atomic_t mdev_avail_ports = ATOMIC_INIT(MAX_MTTYS);
0148
0149 static const struct file_operations vd_fops = {
0150 .owner = THIS_MODULE,
0151 };
0152
0153 static const struct vfio_device_ops mtty_dev_ops;
0154
0155
0156
0157 static int mtty_trigger_interrupt(struct mdev_state *mdev_state);
0158
0159
0160
0161 static void dump_buffer(u8 *buf, uint32_t count)
0162 {
0163 #if defined(DEBUG)
0164 int i;
0165
0166 pr_info("Buffer:\n");
0167 for (i = 0; i < count; i++) {
0168 pr_info("%2x ", *(buf + i));
0169 if ((i + 1) % 16 == 0)
0170 pr_info("\n");
0171 }
0172 #endif
0173 }
0174
0175 static void mtty_create_config_space(struct mdev_state *mdev_state)
0176 {
0177
0178 STORE_LE32((u32 *) &mdev_state->vconfig[0x0], 0x32534348);
0179
0180
0181 STORE_LE16((u16 *) &mdev_state->vconfig[0x4], 0x0001);
0182
0183
0184 STORE_LE16((u16 *) &mdev_state->vconfig[0x6], 0x0200);
0185
0186
0187 mdev_state->vconfig[0x8] = 0x10;
0188
0189
0190 mdev_state->vconfig[0x9] = 0x02;
0191
0192
0193 mdev_state->vconfig[0xa] = 0x00;
0194
0195
0196 mdev_state->vconfig[0xb] = 0x07;
0197
0198
0199
0200 STORE_LE32((u32 *) &mdev_state->vconfig[0x10], 0x000001);
0201 mdev_state->bar_mask[0] = ~(MTTY_IO_BAR_SIZE) + 1;
0202
0203 if (mdev_state->nr_ports == 2) {
0204
0205 STORE_LE32((u32 *) &mdev_state->vconfig[0x14], 0x000001);
0206 mdev_state->bar_mask[1] = ~(MTTY_IO_BAR_SIZE) + 1;
0207 }
0208
0209
0210 STORE_LE32((u32 *) &mdev_state->vconfig[0x2c], 0x32534348);
0211
0212 mdev_state->vconfig[0x34] = 0x00;
0213 mdev_state->vconfig[0x3d] = 0x01;
0214
0215
0216 mdev_state->vconfig[0x40] = 0x23;
0217 mdev_state->vconfig[0x43] = 0x80;
0218 mdev_state->vconfig[0x44] = 0x23;
0219 mdev_state->vconfig[0x48] = 0x23;
0220 mdev_state->vconfig[0x4c] = 0x23;
0221
0222 mdev_state->vconfig[0x60] = 0x50;
0223 mdev_state->vconfig[0x61] = 0x43;
0224 mdev_state->vconfig[0x62] = 0x49;
0225 mdev_state->vconfig[0x63] = 0x20;
0226 mdev_state->vconfig[0x64] = 0x53;
0227 mdev_state->vconfig[0x65] = 0x65;
0228 mdev_state->vconfig[0x66] = 0x72;
0229 mdev_state->vconfig[0x67] = 0x69;
0230 mdev_state->vconfig[0x68] = 0x61;
0231 mdev_state->vconfig[0x69] = 0x6c;
0232 mdev_state->vconfig[0x6a] = 0x2f;
0233 mdev_state->vconfig[0x6b] = 0x55;
0234 mdev_state->vconfig[0x6c] = 0x41;
0235 mdev_state->vconfig[0x6d] = 0x52;
0236 mdev_state->vconfig[0x6e] = 0x54;
0237 }
0238
0239 static void handle_pci_cfg_write(struct mdev_state *mdev_state, u16 offset,
0240 u8 *buf, u32 count)
0241 {
0242 u32 cfg_addr, bar_mask, bar_index = 0;
0243
0244 switch (offset) {
0245 case 0x04:
0246 case 0x06:
0247
0248 break;
0249 case 0x3c:
0250 mdev_state->vconfig[0x3c] = buf[0];
0251 break;
0252 case 0x3d:
0253
0254
0255
0256
0257 break;
0258 case 0x10:
0259 case 0x14:
0260 if (offset == 0x10)
0261 bar_index = 0;
0262 else if (offset == 0x14)
0263 bar_index = 1;
0264
0265 if ((mdev_state->nr_ports == 1) && (bar_index == 1)) {
0266 STORE_LE32(&mdev_state->vconfig[offset], 0);
0267 break;
0268 }
0269
0270 cfg_addr = *(u32 *)buf;
0271 pr_info("BAR%d addr 0x%x\n", bar_index, cfg_addr);
0272
0273 if (cfg_addr == 0xffffffff) {
0274 bar_mask = mdev_state->bar_mask[bar_index];
0275 cfg_addr = (cfg_addr & bar_mask);
0276 }
0277
0278 cfg_addr |= (mdev_state->vconfig[offset] & 0x3ul);
0279 STORE_LE32(&mdev_state->vconfig[offset], cfg_addr);
0280 break;
0281 case 0x18:
0282 case 0x1c:
0283 case 0x20:
0284 STORE_LE32(&mdev_state->vconfig[offset], 0);
0285 break;
0286 default:
0287 pr_info("PCI config write @0x%x of %d bytes not handled\n",
0288 offset, count);
0289 break;
0290 }
0291 }
0292
0293 static void handle_bar_write(unsigned int index, struct mdev_state *mdev_state,
0294 u16 offset, u8 *buf, u32 count)
0295 {
0296 u8 data = *buf;
0297
0298
0299 switch (offset) {
0300 case UART_TX:
0301
0302 if (mdev_state->s[index].dlab) {
0303 mdev_state->s[index].divisor |= data;
0304 break;
0305 }
0306
0307 mutex_lock(&mdev_state->rxtx_lock);
0308
0309
0310 if (mdev_state->s[index].rxtx.count <
0311 mdev_state->s[index].max_fifo_size) {
0312 mdev_state->s[index].rxtx.fifo[
0313 mdev_state->s[index].rxtx.head] = data;
0314 mdev_state->s[index].rxtx.count++;
0315 CIRCULAR_BUF_INC_IDX(mdev_state->s[index].rxtx.head);
0316 mdev_state->s[index].overrun = false;
0317
0318
0319
0320
0321
0322 if ((mdev_state->s[index].uart_reg[UART_IER] &
0323 UART_IER_RDI) &&
0324 (mdev_state->s[index].rxtx.count ==
0325 mdev_state->s[index].intr_trigger_level)) {
0326
0327 #if defined(DEBUG_INTR)
0328 pr_err("Serial port %d: Fifo level trigger\n",
0329 index);
0330 #endif
0331 mtty_trigger_interrupt(mdev_state);
0332 }
0333 } else {
0334 #if defined(DEBUG_INTR)
0335 pr_err("Serial port %d: Buffer Overflow\n", index);
0336 #endif
0337 mdev_state->s[index].overrun = true;
0338
0339
0340
0341
0342
0343 if (mdev_state->s[index].uart_reg[UART_IER] &
0344 UART_IER_RLSI)
0345 mtty_trigger_interrupt(mdev_state);
0346 }
0347 mutex_unlock(&mdev_state->rxtx_lock);
0348 break;
0349
0350 case UART_IER:
0351
0352 if (mdev_state->s[index].dlab)
0353 mdev_state->s[index].divisor |= (u16)data << 8;
0354 else {
0355 mdev_state->s[index].uart_reg[offset] = data;
0356 mutex_lock(&mdev_state->rxtx_lock);
0357 if ((data & UART_IER_THRI) &&
0358 (mdev_state->s[index].rxtx.head ==
0359 mdev_state->s[index].rxtx.tail)) {
0360 #if defined(DEBUG_INTR)
0361 pr_err("Serial port %d: IER_THRI write\n",
0362 index);
0363 #endif
0364 mtty_trigger_interrupt(mdev_state);
0365 }
0366
0367 mutex_unlock(&mdev_state->rxtx_lock);
0368 }
0369
0370 break;
0371
0372 case UART_FCR:
0373 mdev_state->s[index].fcr = data;
0374
0375 mutex_lock(&mdev_state->rxtx_lock);
0376 if (data & (UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT)) {
0377
0378 mdev_state->s[index].rxtx.count = 0;
0379 mdev_state->s[index].rxtx.head = 0;
0380 mdev_state->s[index].rxtx.tail = 0;
0381 }
0382 mutex_unlock(&mdev_state->rxtx_lock);
0383
0384 switch (data & UART_FCR_TRIGGER_MASK) {
0385 case UART_FCR_TRIGGER_1:
0386 mdev_state->s[index].intr_trigger_level = 1;
0387 break;
0388
0389 case UART_FCR_TRIGGER_4:
0390 mdev_state->s[index].intr_trigger_level = 4;
0391 break;
0392
0393 case UART_FCR_TRIGGER_8:
0394 mdev_state->s[index].intr_trigger_level = 8;
0395 break;
0396
0397 case UART_FCR_TRIGGER_14:
0398 mdev_state->s[index].intr_trigger_level = 14;
0399 break;
0400 }
0401
0402
0403
0404
0405
0406
0407 mdev_state->s[index].intr_trigger_level = 1;
0408 if (data & UART_FCR_ENABLE_FIFO)
0409 mdev_state->s[index].max_fifo_size = MAX_FIFO_SIZE;
0410 else {
0411 mdev_state->s[index].max_fifo_size = 1;
0412 mdev_state->s[index].intr_trigger_level = 1;
0413 }
0414
0415 break;
0416
0417 case UART_LCR:
0418 if (data & UART_LCR_DLAB) {
0419 mdev_state->s[index].dlab = true;
0420 mdev_state->s[index].divisor = 0;
0421 } else
0422 mdev_state->s[index].dlab = false;
0423
0424 mdev_state->s[index].uart_reg[offset] = data;
0425 break;
0426
0427 case UART_MCR:
0428 mdev_state->s[index].uart_reg[offset] = data;
0429
0430 if ((mdev_state->s[index].uart_reg[UART_IER] & UART_IER_MSI) &&
0431 (data & UART_MCR_OUT2)) {
0432 #if defined(DEBUG_INTR)
0433 pr_err("Serial port %d: MCR_OUT2 write\n", index);
0434 #endif
0435 mtty_trigger_interrupt(mdev_state);
0436 }
0437
0438 if ((mdev_state->s[index].uart_reg[UART_IER] & UART_IER_MSI) &&
0439 (data & (UART_MCR_RTS | UART_MCR_DTR))) {
0440 #if defined(DEBUG_INTR)
0441 pr_err("Serial port %d: MCR RTS/DTR write\n", index);
0442 #endif
0443 mtty_trigger_interrupt(mdev_state);
0444 }
0445 break;
0446
0447 case UART_LSR:
0448 case UART_MSR:
0449
0450 break;
0451
0452 case UART_SCR:
0453 mdev_state->s[index].uart_reg[offset] = data;
0454 break;
0455
0456 default:
0457 break;
0458 }
0459 }
0460
0461 static void handle_bar_read(unsigned int index, struct mdev_state *mdev_state,
0462 u16 offset, u8 *buf, u32 count)
0463 {
0464
0465 switch (offset) {
0466 case UART_RX:
0467
0468 if (mdev_state->s[index].dlab) {
0469 *buf = (u8)mdev_state->s[index].divisor;
0470 break;
0471 }
0472
0473 mutex_lock(&mdev_state->rxtx_lock);
0474
0475 if (mdev_state->s[index].rxtx.head !=
0476 mdev_state->s[index].rxtx.tail) {
0477 *buf = mdev_state->s[index].rxtx.fifo[
0478 mdev_state->s[index].rxtx.tail];
0479 mdev_state->s[index].rxtx.count--;
0480 CIRCULAR_BUF_INC_IDX(mdev_state->s[index].rxtx.tail);
0481 }
0482
0483 if (mdev_state->s[index].rxtx.head ==
0484 mdev_state->s[index].rxtx.tail) {
0485
0486
0487
0488
0489 #if defined(DEBUG_INTR)
0490 pr_err("Serial port %d: Buffer Empty\n", index);
0491 #endif
0492 if (mdev_state->s[index].uart_reg[UART_IER] &
0493 UART_IER_THRI)
0494 mtty_trigger_interrupt(mdev_state);
0495 }
0496 mutex_unlock(&mdev_state->rxtx_lock);
0497
0498 break;
0499
0500 case UART_IER:
0501 if (mdev_state->s[index].dlab) {
0502 *buf = (u8)(mdev_state->s[index].divisor >> 8);
0503 break;
0504 }
0505 *buf = mdev_state->s[index].uart_reg[offset] & 0x0f;
0506 break;
0507
0508 case UART_IIR:
0509 {
0510 u8 ier = mdev_state->s[index].uart_reg[UART_IER];
0511 *buf = 0;
0512
0513 mutex_lock(&mdev_state->rxtx_lock);
0514
0515 if ((ier & UART_IER_RLSI) && mdev_state->s[index].overrun)
0516 *buf |= UART_IIR_RLSI;
0517
0518
0519 if ((ier & UART_IER_RDI) &&
0520 (mdev_state->s[index].rxtx.count >=
0521 mdev_state->s[index].intr_trigger_level))
0522 *buf |= UART_IIR_RDI;
0523
0524
0525 if ((ier & UART_IER_THRI) &&
0526 (mdev_state->s[index].rxtx.head ==
0527 mdev_state->s[index].rxtx.tail))
0528 *buf |= UART_IIR_THRI;
0529
0530
0531 if ((ier & UART_IER_MSI) &&
0532 (mdev_state->s[index].uart_reg[UART_MCR] &
0533 (UART_MCR_RTS | UART_MCR_DTR)))
0534 *buf |= UART_IIR_MSI;
0535
0536
0537 if (*buf == 0)
0538 *buf = UART_IIR_NO_INT;
0539
0540
0541 *buf |= 0xC0;
0542 mutex_unlock(&mdev_state->rxtx_lock);
0543 }
0544 break;
0545
0546 case UART_LCR:
0547 case UART_MCR:
0548 *buf = mdev_state->s[index].uart_reg[offset];
0549 break;
0550
0551 case UART_LSR:
0552 {
0553 u8 lsr = 0;
0554
0555 mutex_lock(&mdev_state->rxtx_lock);
0556
0557 if (mdev_state->s[index].rxtx.head !=
0558 mdev_state->s[index].rxtx.tail)
0559 lsr |= UART_LSR_DR;
0560
0561
0562 if (mdev_state->s[index].overrun)
0563 lsr |= UART_LSR_OE;
0564
0565
0566 if (mdev_state->s[index].rxtx.head ==
0567 mdev_state->s[index].rxtx.tail)
0568 lsr |= UART_LSR_TEMT | UART_LSR_THRE;
0569
0570 mutex_unlock(&mdev_state->rxtx_lock);
0571 *buf = lsr;
0572 break;
0573 }
0574 case UART_MSR:
0575 *buf = UART_MSR_DSR | UART_MSR_DDSR | UART_MSR_DCD;
0576
0577 mutex_lock(&mdev_state->rxtx_lock);
0578
0579 if (mdev_state->s[index].uart_reg[UART_MCR] &
0580 UART_MCR_AFE) {
0581 if (mdev_state->s[index].rxtx.count <
0582 mdev_state->s[index].max_fifo_size)
0583 *buf |= UART_MSR_CTS | UART_MSR_DCTS;
0584 } else
0585 *buf |= UART_MSR_CTS | UART_MSR_DCTS;
0586 mutex_unlock(&mdev_state->rxtx_lock);
0587
0588 break;
0589
0590 case UART_SCR:
0591 *buf = mdev_state->s[index].uart_reg[offset];
0592 break;
0593
0594 default:
0595 break;
0596 }
0597 }
0598
0599 static void mdev_read_base(struct mdev_state *mdev_state)
0600 {
0601 int index, pos;
0602 u32 start_lo, start_hi;
0603 u32 mem_type;
0604
0605 pos = PCI_BASE_ADDRESS_0;
0606
0607 for (index = 0; index <= VFIO_PCI_BAR5_REGION_INDEX; index++) {
0608
0609 if (!mdev_state->region_info[index].size)
0610 continue;
0611
0612 start_lo = (*(u32 *)(mdev_state->vconfig + pos)) &
0613 PCI_BASE_ADDRESS_MEM_MASK;
0614 mem_type = (*(u32 *)(mdev_state->vconfig + pos)) &
0615 PCI_BASE_ADDRESS_MEM_TYPE_MASK;
0616
0617 switch (mem_type) {
0618 case PCI_BASE_ADDRESS_MEM_TYPE_64:
0619 start_hi = (*(u32 *)(mdev_state->vconfig + pos + 4));
0620 pos += 4;
0621 break;
0622 case PCI_BASE_ADDRESS_MEM_TYPE_32:
0623 case PCI_BASE_ADDRESS_MEM_TYPE_1M:
0624
0625 default:
0626
0627 start_hi = 0;
0628 break;
0629 }
0630 pos += 4;
0631 mdev_state->region_info[index].start = ((u64)start_hi << 32) |
0632 start_lo;
0633 }
0634 }
0635
0636 static ssize_t mdev_access(struct mdev_state *mdev_state, u8 *buf, size_t count,
0637 loff_t pos, bool is_write)
0638 {
0639 unsigned int index;
0640 loff_t offset;
0641 int ret = 0;
0642
0643 if (!buf)
0644 return -EINVAL;
0645
0646 mutex_lock(&mdev_state->ops_lock);
0647
0648 index = MTTY_VFIO_PCI_OFFSET_TO_INDEX(pos);
0649 offset = pos & MTTY_VFIO_PCI_OFFSET_MASK;
0650 switch (index) {
0651 case VFIO_PCI_CONFIG_REGION_INDEX:
0652
0653 #if defined(DEBUG)
0654 pr_info("%s: PCI config space %s at offset 0x%llx\n",
0655 __func__, is_write ? "write" : "read", offset);
0656 #endif
0657 if (is_write) {
0658 dump_buffer(buf, count);
0659 handle_pci_cfg_write(mdev_state, offset, buf, count);
0660 } else {
0661 memcpy(buf, (mdev_state->vconfig + offset), count);
0662 dump_buffer(buf, count);
0663 }
0664
0665 break;
0666
0667 case VFIO_PCI_BAR0_REGION_INDEX ... VFIO_PCI_BAR5_REGION_INDEX:
0668 if (!mdev_state->region_info[index].start)
0669 mdev_read_base(mdev_state);
0670
0671 if (is_write) {
0672 dump_buffer(buf, count);
0673
0674 #if defined(DEBUG_REGS)
0675 pr_info("%s: BAR%d WR @0x%llx %s val:0x%02x dlab:%d\n",
0676 __func__, index, offset, wr_reg[offset],
0677 *buf, mdev_state->s[index].dlab);
0678 #endif
0679 handle_bar_write(index, mdev_state, offset, buf, count);
0680 } else {
0681 handle_bar_read(index, mdev_state, offset, buf, count);
0682 dump_buffer(buf, count);
0683
0684 #if defined(DEBUG_REGS)
0685 pr_info("%s: BAR%d RD @0x%llx %s val:0x%02x dlab:%d\n",
0686 __func__, index, offset, rd_reg[offset],
0687 *buf, mdev_state->s[index].dlab);
0688 #endif
0689 }
0690 break;
0691
0692 default:
0693 ret = -1;
0694 goto accessfailed;
0695 }
0696
0697 ret = count;
0698
0699
0700 accessfailed:
0701 mutex_unlock(&mdev_state->ops_lock);
0702
0703 return ret;
0704 }
0705
0706 static int mtty_probe(struct mdev_device *mdev)
0707 {
0708 struct mdev_state *mdev_state;
0709 int nr_ports = mdev_get_type_group_id(mdev) + 1;
0710 int avail_ports = atomic_read(&mdev_avail_ports);
0711 int ret;
0712
0713 do {
0714 if (avail_ports < nr_ports)
0715 return -ENOSPC;
0716 } while (!atomic_try_cmpxchg(&mdev_avail_ports,
0717 &avail_ports, avail_ports - nr_ports));
0718
0719 mdev_state = kzalloc(sizeof(struct mdev_state), GFP_KERNEL);
0720 if (mdev_state == NULL) {
0721 ret = -ENOMEM;
0722 goto err_nr_ports;
0723 }
0724
0725 vfio_init_group_dev(&mdev_state->vdev, &mdev->dev, &mtty_dev_ops);
0726
0727 mdev_state->nr_ports = nr_ports;
0728 mdev_state->irq_index = -1;
0729 mdev_state->s[0].max_fifo_size = MAX_FIFO_SIZE;
0730 mdev_state->s[1].max_fifo_size = MAX_FIFO_SIZE;
0731 mutex_init(&mdev_state->rxtx_lock);
0732 mdev_state->vconfig = kzalloc(MTTY_CONFIG_SPACE_SIZE, GFP_KERNEL);
0733
0734 if (mdev_state->vconfig == NULL) {
0735 ret = -ENOMEM;
0736 goto err_state;
0737 }
0738
0739 mutex_init(&mdev_state->ops_lock);
0740 mdev_state->mdev = mdev;
0741
0742 mtty_create_config_space(mdev_state);
0743
0744 ret = vfio_register_emulated_iommu_dev(&mdev_state->vdev);
0745 if (ret)
0746 goto err_vconfig;
0747 dev_set_drvdata(&mdev->dev, mdev_state);
0748 return 0;
0749
0750 err_vconfig:
0751 kfree(mdev_state->vconfig);
0752 err_state:
0753 vfio_uninit_group_dev(&mdev_state->vdev);
0754 kfree(mdev_state);
0755 err_nr_ports:
0756 atomic_add(nr_ports, &mdev_avail_ports);
0757 return ret;
0758 }
0759
0760 static void mtty_remove(struct mdev_device *mdev)
0761 {
0762 struct mdev_state *mdev_state = dev_get_drvdata(&mdev->dev);
0763 int nr_ports = mdev_state->nr_ports;
0764
0765 vfio_unregister_group_dev(&mdev_state->vdev);
0766
0767 kfree(mdev_state->vconfig);
0768 vfio_uninit_group_dev(&mdev_state->vdev);
0769 kfree(mdev_state);
0770 atomic_add(nr_ports, &mdev_avail_ports);
0771 }
0772
0773 static int mtty_reset(struct mdev_state *mdev_state)
0774 {
0775 pr_info("%s: called\n", __func__);
0776
0777 return 0;
0778 }
0779
0780 static ssize_t mtty_read(struct vfio_device *vdev, char __user *buf,
0781 size_t count, loff_t *ppos)
0782 {
0783 struct mdev_state *mdev_state =
0784 container_of(vdev, struct mdev_state, vdev);
0785 unsigned int done = 0;
0786 int ret;
0787
0788 while (count) {
0789 size_t filled;
0790
0791 if (count >= 4 && !(*ppos % 4)) {
0792 u32 val;
0793
0794 ret = mdev_access(mdev_state, (u8 *)&val, sizeof(val),
0795 *ppos, false);
0796 if (ret <= 0)
0797 goto read_err;
0798
0799 if (copy_to_user(buf, &val, sizeof(val)))
0800 goto read_err;
0801
0802 filled = 4;
0803 } else if (count >= 2 && !(*ppos % 2)) {
0804 u16 val;
0805
0806 ret = mdev_access(mdev_state, (u8 *)&val, sizeof(val),
0807 *ppos, false);
0808 if (ret <= 0)
0809 goto read_err;
0810
0811 if (copy_to_user(buf, &val, sizeof(val)))
0812 goto read_err;
0813
0814 filled = 2;
0815 } else {
0816 u8 val;
0817
0818 ret = mdev_access(mdev_state, (u8 *)&val, sizeof(val),
0819 *ppos, false);
0820 if (ret <= 0)
0821 goto read_err;
0822
0823 if (copy_to_user(buf, &val, sizeof(val)))
0824 goto read_err;
0825
0826 filled = 1;
0827 }
0828
0829 count -= filled;
0830 done += filled;
0831 *ppos += filled;
0832 buf += filled;
0833 }
0834
0835 return done;
0836
0837 read_err:
0838 return -EFAULT;
0839 }
0840
0841 static ssize_t mtty_write(struct vfio_device *vdev, const char __user *buf,
0842 size_t count, loff_t *ppos)
0843 {
0844 struct mdev_state *mdev_state =
0845 container_of(vdev, struct mdev_state, vdev);
0846 unsigned int done = 0;
0847 int ret;
0848
0849 while (count) {
0850 size_t filled;
0851
0852 if (count >= 4 && !(*ppos % 4)) {
0853 u32 val;
0854
0855 if (copy_from_user(&val, buf, sizeof(val)))
0856 goto write_err;
0857
0858 ret = mdev_access(mdev_state, (u8 *)&val, sizeof(val),
0859 *ppos, true);
0860 if (ret <= 0)
0861 goto write_err;
0862
0863 filled = 4;
0864 } else if (count >= 2 && !(*ppos % 2)) {
0865 u16 val;
0866
0867 if (copy_from_user(&val, buf, sizeof(val)))
0868 goto write_err;
0869
0870 ret = mdev_access(mdev_state, (u8 *)&val, sizeof(val),
0871 *ppos, true);
0872 if (ret <= 0)
0873 goto write_err;
0874
0875 filled = 2;
0876 } else {
0877 u8 val;
0878
0879 if (copy_from_user(&val, buf, sizeof(val)))
0880 goto write_err;
0881
0882 ret = mdev_access(mdev_state, (u8 *)&val, sizeof(val),
0883 *ppos, true);
0884 if (ret <= 0)
0885 goto write_err;
0886
0887 filled = 1;
0888 }
0889 count -= filled;
0890 done += filled;
0891 *ppos += filled;
0892 buf += filled;
0893 }
0894
0895 return done;
0896 write_err:
0897 return -EFAULT;
0898 }
0899
0900 static int mtty_set_irqs(struct mdev_state *mdev_state, uint32_t flags,
0901 unsigned int index, unsigned int start,
0902 unsigned int count, void *data)
0903 {
0904 int ret = 0;
0905
0906 mutex_lock(&mdev_state->ops_lock);
0907 switch (index) {
0908 case VFIO_PCI_INTX_IRQ_INDEX:
0909 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
0910 case VFIO_IRQ_SET_ACTION_MASK:
0911 case VFIO_IRQ_SET_ACTION_UNMASK:
0912 break;
0913 case VFIO_IRQ_SET_ACTION_TRIGGER:
0914 {
0915 if (flags & VFIO_IRQ_SET_DATA_NONE) {
0916 pr_info("%s: disable INTx\n", __func__);
0917 if (mdev_state->intx_evtfd)
0918 eventfd_ctx_put(mdev_state->intx_evtfd);
0919 break;
0920 }
0921
0922 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
0923 int fd = *(int *)data;
0924
0925 if (fd > 0) {
0926 struct eventfd_ctx *evt;
0927
0928 evt = eventfd_ctx_fdget(fd);
0929 if (IS_ERR(evt)) {
0930 ret = PTR_ERR(evt);
0931 break;
0932 }
0933 mdev_state->intx_evtfd = evt;
0934 mdev_state->irq_fd = fd;
0935 mdev_state->irq_index = index;
0936 break;
0937 }
0938 }
0939 break;
0940 }
0941 }
0942 break;
0943 case VFIO_PCI_MSI_IRQ_INDEX:
0944 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
0945 case VFIO_IRQ_SET_ACTION_MASK:
0946 case VFIO_IRQ_SET_ACTION_UNMASK:
0947 break;
0948 case VFIO_IRQ_SET_ACTION_TRIGGER:
0949 if (flags & VFIO_IRQ_SET_DATA_NONE) {
0950 if (mdev_state->msi_evtfd)
0951 eventfd_ctx_put(mdev_state->msi_evtfd);
0952 pr_info("%s: disable MSI\n", __func__);
0953 mdev_state->irq_index = VFIO_PCI_INTX_IRQ_INDEX;
0954 break;
0955 }
0956 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
0957 int fd = *(int *)data;
0958 struct eventfd_ctx *evt;
0959
0960 if (fd <= 0)
0961 break;
0962
0963 if (mdev_state->msi_evtfd)
0964 break;
0965
0966 evt = eventfd_ctx_fdget(fd);
0967 if (IS_ERR(evt)) {
0968 ret = PTR_ERR(evt);
0969 break;
0970 }
0971 mdev_state->msi_evtfd = evt;
0972 mdev_state->irq_fd = fd;
0973 mdev_state->irq_index = index;
0974 }
0975 break;
0976 }
0977 break;
0978 case VFIO_PCI_MSIX_IRQ_INDEX:
0979 pr_info("%s: MSIX_IRQ\n", __func__);
0980 break;
0981 case VFIO_PCI_ERR_IRQ_INDEX:
0982 pr_info("%s: ERR_IRQ\n", __func__);
0983 break;
0984 case VFIO_PCI_REQ_IRQ_INDEX:
0985 pr_info("%s: REQ_IRQ\n", __func__);
0986 break;
0987 }
0988
0989 mutex_unlock(&mdev_state->ops_lock);
0990 return ret;
0991 }
0992
0993 static int mtty_trigger_interrupt(struct mdev_state *mdev_state)
0994 {
0995 int ret = -1;
0996
0997 if ((mdev_state->irq_index == VFIO_PCI_MSI_IRQ_INDEX) &&
0998 (!mdev_state->msi_evtfd))
0999 return -EINVAL;
1000 else if ((mdev_state->irq_index == VFIO_PCI_INTX_IRQ_INDEX) &&
1001 (!mdev_state->intx_evtfd)) {
1002 pr_info("%s: Intr eventfd not found\n", __func__);
1003 return -EINVAL;
1004 }
1005
1006 if (mdev_state->irq_index == VFIO_PCI_MSI_IRQ_INDEX)
1007 ret = eventfd_signal(mdev_state->msi_evtfd, 1);
1008 else
1009 ret = eventfd_signal(mdev_state->intx_evtfd, 1);
1010
1011 #if defined(DEBUG_INTR)
1012 pr_info("Intx triggered\n");
1013 #endif
1014 if (ret != 1)
1015 pr_err("%s: eventfd signal failed (%d)\n", __func__, ret);
1016
1017 return ret;
1018 }
1019
1020 static int mtty_get_region_info(struct mdev_state *mdev_state,
1021 struct vfio_region_info *region_info,
1022 u16 *cap_type_id, void **cap_type)
1023 {
1024 unsigned int size = 0;
1025 u32 bar_index;
1026
1027 bar_index = region_info->index;
1028 if (bar_index >= VFIO_PCI_NUM_REGIONS)
1029 return -EINVAL;
1030
1031 mutex_lock(&mdev_state->ops_lock);
1032
1033 switch (bar_index) {
1034 case VFIO_PCI_CONFIG_REGION_INDEX:
1035 size = MTTY_CONFIG_SPACE_SIZE;
1036 break;
1037 case VFIO_PCI_BAR0_REGION_INDEX:
1038 size = MTTY_IO_BAR_SIZE;
1039 break;
1040 case VFIO_PCI_BAR1_REGION_INDEX:
1041 if (mdev_state->nr_ports == 2)
1042 size = MTTY_IO_BAR_SIZE;
1043 break;
1044 default:
1045 size = 0;
1046 break;
1047 }
1048
1049 mdev_state->region_info[bar_index].size = size;
1050 mdev_state->region_info[bar_index].vfio_offset =
1051 MTTY_VFIO_PCI_INDEX_TO_OFFSET(bar_index);
1052
1053 region_info->size = size;
1054 region_info->offset = MTTY_VFIO_PCI_INDEX_TO_OFFSET(bar_index);
1055 region_info->flags = VFIO_REGION_INFO_FLAG_READ |
1056 VFIO_REGION_INFO_FLAG_WRITE;
1057 mutex_unlock(&mdev_state->ops_lock);
1058 return 0;
1059 }
1060
1061 static int mtty_get_irq_info(struct vfio_irq_info *irq_info)
1062 {
1063 switch (irq_info->index) {
1064 case VFIO_PCI_INTX_IRQ_INDEX:
1065 case VFIO_PCI_MSI_IRQ_INDEX:
1066 case VFIO_PCI_REQ_IRQ_INDEX:
1067 break;
1068
1069 default:
1070 return -EINVAL;
1071 }
1072
1073 irq_info->flags = VFIO_IRQ_INFO_EVENTFD;
1074 irq_info->count = 1;
1075
1076 if (irq_info->index == VFIO_PCI_INTX_IRQ_INDEX)
1077 irq_info->flags |= (VFIO_IRQ_INFO_MASKABLE |
1078 VFIO_IRQ_INFO_AUTOMASKED);
1079 else
1080 irq_info->flags |= VFIO_IRQ_INFO_NORESIZE;
1081
1082 return 0;
1083 }
1084
1085 static int mtty_get_device_info(struct vfio_device_info *dev_info)
1086 {
1087 dev_info->flags = VFIO_DEVICE_FLAGS_PCI;
1088 dev_info->num_regions = VFIO_PCI_NUM_REGIONS;
1089 dev_info->num_irqs = VFIO_PCI_NUM_IRQS;
1090
1091 return 0;
1092 }
1093
1094 static long mtty_ioctl(struct vfio_device *vdev, unsigned int cmd,
1095 unsigned long arg)
1096 {
1097 struct mdev_state *mdev_state =
1098 container_of(vdev, struct mdev_state, vdev);
1099 int ret = 0;
1100 unsigned long minsz;
1101
1102 switch (cmd) {
1103 case VFIO_DEVICE_GET_INFO:
1104 {
1105 struct vfio_device_info info;
1106
1107 minsz = offsetofend(struct vfio_device_info, num_irqs);
1108
1109 if (copy_from_user(&info, (void __user *)arg, minsz))
1110 return -EFAULT;
1111
1112 if (info.argsz < minsz)
1113 return -EINVAL;
1114
1115 ret = mtty_get_device_info(&info);
1116 if (ret)
1117 return ret;
1118
1119 memcpy(&mdev_state->dev_info, &info, sizeof(info));
1120
1121 if (copy_to_user((void __user *)arg, &info, minsz))
1122 return -EFAULT;
1123
1124 return 0;
1125 }
1126 case VFIO_DEVICE_GET_REGION_INFO:
1127 {
1128 struct vfio_region_info info;
1129 u16 cap_type_id = 0;
1130 void *cap_type = NULL;
1131
1132 minsz = offsetofend(struct vfio_region_info, offset);
1133
1134 if (copy_from_user(&info, (void __user *)arg, minsz))
1135 return -EFAULT;
1136
1137 if (info.argsz < minsz)
1138 return -EINVAL;
1139
1140 ret = mtty_get_region_info(mdev_state, &info, &cap_type_id,
1141 &cap_type);
1142 if (ret)
1143 return ret;
1144
1145 if (copy_to_user((void __user *)arg, &info, minsz))
1146 return -EFAULT;
1147
1148 return 0;
1149 }
1150
1151 case VFIO_DEVICE_GET_IRQ_INFO:
1152 {
1153 struct vfio_irq_info info;
1154
1155 minsz = offsetofend(struct vfio_irq_info, count);
1156
1157 if (copy_from_user(&info, (void __user *)arg, minsz))
1158 return -EFAULT;
1159
1160 if ((info.argsz < minsz) ||
1161 (info.index >= mdev_state->dev_info.num_irqs))
1162 return -EINVAL;
1163
1164 ret = mtty_get_irq_info(&info);
1165 if (ret)
1166 return ret;
1167
1168 if (copy_to_user((void __user *)arg, &info, minsz))
1169 return -EFAULT;
1170
1171 return 0;
1172 }
1173 case VFIO_DEVICE_SET_IRQS:
1174 {
1175 struct vfio_irq_set hdr;
1176 u8 *data = NULL, *ptr = NULL;
1177 size_t data_size = 0;
1178
1179 minsz = offsetofend(struct vfio_irq_set, count);
1180
1181 if (copy_from_user(&hdr, (void __user *)arg, minsz))
1182 return -EFAULT;
1183
1184 ret = vfio_set_irqs_validate_and_prepare(&hdr,
1185 mdev_state->dev_info.num_irqs,
1186 VFIO_PCI_NUM_IRQS,
1187 &data_size);
1188 if (ret)
1189 return ret;
1190
1191 if (data_size) {
1192 ptr = data = memdup_user((void __user *)(arg + minsz),
1193 data_size);
1194 if (IS_ERR(data))
1195 return PTR_ERR(data);
1196 }
1197
1198 ret = mtty_set_irqs(mdev_state, hdr.flags, hdr.index, hdr.start,
1199 hdr.count, data);
1200
1201 kfree(ptr);
1202 return ret;
1203 }
1204 case VFIO_DEVICE_RESET:
1205 return mtty_reset(mdev_state);
1206 }
1207 return -ENOTTY;
1208 }
1209
1210 static ssize_t
1211 sample_mdev_dev_show(struct device *dev, struct device_attribute *attr,
1212 char *buf)
1213 {
1214 return sprintf(buf, "This is MDEV %s\n", dev_name(dev));
1215 }
1216
1217 static DEVICE_ATTR_RO(sample_mdev_dev);
1218
1219 static struct attribute *mdev_dev_attrs[] = {
1220 &dev_attr_sample_mdev_dev.attr,
1221 NULL,
1222 };
1223
1224 static const struct attribute_group mdev_dev_group = {
1225 .name = "vendor",
1226 .attrs = mdev_dev_attrs,
1227 };
1228
1229 static const struct attribute_group *mdev_dev_groups[] = {
1230 &mdev_dev_group,
1231 NULL,
1232 };
1233
1234 static ssize_t name_show(struct mdev_type *mtype,
1235 struct mdev_type_attribute *attr, char *buf)
1236 {
1237 static const char *name_str[2] = { "Single port serial",
1238 "Dual port serial" };
1239
1240 return sysfs_emit(buf, "%s\n",
1241 name_str[mtype_get_type_group_id(mtype)]);
1242 }
1243
1244 static MDEV_TYPE_ATTR_RO(name);
1245
1246 static ssize_t available_instances_show(struct mdev_type *mtype,
1247 struct mdev_type_attribute *attr,
1248 char *buf)
1249 {
1250 unsigned int ports = mtype_get_type_group_id(mtype) + 1;
1251
1252 return sprintf(buf, "%d\n", atomic_read(&mdev_avail_ports) / ports);
1253 }
1254
1255 static MDEV_TYPE_ATTR_RO(available_instances);
1256
1257 static ssize_t device_api_show(struct mdev_type *mtype,
1258 struct mdev_type_attribute *attr, char *buf)
1259 {
1260 return sprintf(buf, "%s\n", VFIO_DEVICE_API_PCI_STRING);
1261 }
1262
1263 static MDEV_TYPE_ATTR_RO(device_api);
1264
1265 static struct attribute *mdev_types_attrs[] = {
1266 &mdev_type_attr_name.attr,
1267 &mdev_type_attr_device_api.attr,
1268 &mdev_type_attr_available_instances.attr,
1269 NULL,
1270 };
1271
1272 static struct attribute_group mdev_type_group1 = {
1273 .name = "1",
1274 .attrs = mdev_types_attrs,
1275 };
1276
1277 static struct attribute_group mdev_type_group2 = {
1278 .name = "2",
1279 .attrs = mdev_types_attrs,
1280 };
1281
1282 static struct attribute_group *mdev_type_groups[] = {
1283 &mdev_type_group1,
1284 &mdev_type_group2,
1285 NULL,
1286 };
1287
1288 static const struct vfio_device_ops mtty_dev_ops = {
1289 .name = "vfio-mtty",
1290 .read = mtty_read,
1291 .write = mtty_write,
1292 .ioctl = mtty_ioctl,
1293 };
1294
1295 static struct mdev_driver mtty_driver = {
1296 .driver = {
1297 .name = "mtty",
1298 .owner = THIS_MODULE,
1299 .mod_name = KBUILD_MODNAME,
1300 .dev_groups = mdev_dev_groups,
1301 },
1302 .probe = mtty_probe,
1303 .remove = mtty_remove,
1304 .supported_type_groups = mdev_type_groups,
1305 };
1306
1307 static void mtty_device_release(struct device *dev)
1308 {
1309 dev_dbg(dev, "mtty: released\n");
1310 }
1311
1312 static int __init mtty_dev_init(void)
1313 {
1314 int ret = 0;
1315
1316 pr_info("mtty_dev: %s\n", __func__);
1317
1318 memset(&mtty_dev, 0, sizeof(mtty_dev));
1319
1320 idr_init(&mtty_dev.vd_idr);
1321
1322 ret = alloc_chrdev_region(&mtty_dev.vd_devt, 0, MINORMASK + 1,
1323 MTTY_NAME);
1324
1325 if (ret < 0) {
1326 pr_err("Error: failed to register mtty_dev, err:%d\n", ret);
1327 return ret;
1328 }
1329
1330 cdev_init(&mtty_dev.vd_cdev, &vd_fops);
1331 cdev_add(&mtty_dev.vd_cdev, mtty_dev.vd_devt, MINORMASK + 1);
1332
1333 pr_info("major_number:%d\n", MAJOR(mtty_dev.vd_devt));
1334
1335 ret = mdev_register_driver(&mtty_driver);
1336 if (ret)
1337 goto err_cdev;
1338
1339 mtty_dev.vd_class = class_create(THIS_MODULE, MTTY_CLASS_NAME);
1340
1341 if (IS_ERR(mtty_dev.vd_class)) {
1342 pr_err("Error: failed to register mtty_dev class\n");
1343 ret = PTR_ERR(mtty_dev.vd_class);
1344 goto err_driver;
1345 }
1346
1347 mtty_dev.dev.class = mtty_dev.vd_class;
1348 mtty_dev.dev.release = mtty_device_release;
1349 dev_set_name(&mtty_dev.dev, "%s", MTTY_NAME);
1350
1351 ret = device_register(&mtty_dev.dev);
1352 if (ret)
1353 goto err_class;
1354
1355 ret = mdev_register_device(&mtty_dev.dev, &mtty_driver);
1356 if (ret)
1357 goto err_device;
1358 return 0;
1359
1360 err_device:
1361 device_unregister(&mtty_dev.dev);
1362 err_class:
1363 class_destroy(mtty_dev.vd_class);
1364 err_driver:
1365 mdev_unregister_driver(&mtty_driver);
1366 err_cdev:
1367 cdev_del(&mtty_dev.vd_cdev);
1368 unregister_chrdev_region(mtty_dev.vd_devt, MINORMASK + 1);
1369 return ret;
1370 }
1371
1372 static void __exit mtty_dev_exit(void)
1373 {
1374 mtty_dev.dev.bus = NULL;
1375 mdev_unregister_device(&mtty_dev.dev);
1376
1377 device_unregister(&mtty_dev.dev);
1378 idr_destroy(&mtty_dev.vd_idr);
1379 mdev_unregister_driver(&mtty_driver);
1380 cdev_del(&mtty_dev.vd_cdev);
1381 unregister_chrdev_region(mtty_dev.vd_devt, MINORMASK + 1);
1382 class_destroy(mtty_dev.vd_class);
1383 mtty_dev.vd_class = NULL;
1384 pr_info("mtty_dev: Unloaded!\n");
1385 }
1386
1387 module_init(mtty_dev_init)
1388 module_exit(mtty_dev_exit)
1389
1390 MODULE_LICENSE("GPL v2");
1391 MODULE_INFO(supported, "Test driver that simulate serial port over PCI");
1392 MODULE_VERSION(VERSION_STRING);
1393 MODULE_AUTHOR(DRIVER_AUTHOR);
