1
2
3
4
5
6
7
8
9
10
11
12
13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15#include <linux/device.h>
16#include <linux/eventfd.h>
17#include <linux/file.h>
18#include <linux/interrupt.h>
19#include <linux/iommu.h>
20#include <linux/module.h>
21#include <linux/mutex.h>
22#include <linux/notifier.h>
23#include <linux/pm_runtime.h>
24#include <linux/slab.h>
25#include <linux/types.h>
26#include <linux/uaccess.h>
27
28#include <linux/vfio_pci_core.h>
29
30#define DRIVER_AUTHOR "Alex Williamson <alex.williamson@redhat.com>"
31#define DRIVER_DESC "VFIO PCI - User Level meta-driver"
32
33static char ids[1024] __initdata;
34module_param_string(ids, ids, sizeof(ids), 0);
35MODULE_PARM_DESC(ids, "Initial PCI IDs to add to the vfio driver, format is \"vendor:device[:subvendor[:subdevice[:class[:class_mask]]]]\" and multiple comma separated entries can be specified");
36
37static bool nointxmask;
38module_param_named(nointxmask, nointxmask, bool, S_IRUGO | S_IWUSR);
39MODULE_PARM_DESC(nointxmask,
40 "Disable support for PCI 2.3 style INTx masking. If this resolves problems for specific devices, report lspci -vvvxxx to linux-pci@vger.kernel.org so the device can be fixed automatically via the broken_intx_masking flag.");
41
42#ifdef CONFIG_VFIO_PCI_VGA
43static bool disable_vga;
44module_param(disable_vga, bool, S_IRUGO);
45MODULE_PARM_DESC(disable_vga, "Disable VGA resource access through vfio-pci");
46#endif
47
48static bool disable_idle_d3;
49module_param(disable_idle_d3, bool, S_IRUGO | S_IWUSR);
50MODULE_PARM_DESC(disable_idle_d3,
51 "Disable using the PCI D3 low power state for idle, unused devices");
52
53static bool enable_sriov;
54#ifdef CONFIG_PCI_IOV
55module_param(enable_sriov, bool, 0644);
56MODULE_PARM_DESC(enable_sriov, "Enable support for SR-IOV configuration. Enabling SR-IOV on a PF typically requires support of the userspace PF driver, enabling VFs without such support may result in non-functional VFs or PF.");
57#endif
58
59static bool disable_denylist;
60module_param(disable_denylist, bool, 0444);
61MODULE_PARM_DESC(disable_denylist, "Disable use of device denylist. Disabling the denylist allows binding to devices with known errata that may lead to exploitable stability or security issues when accessed by untrusted users.");
62
63static bool vfio_pci_dev_in_denylist(struct pci_dev *pdev)
64{
65 switch (pdev->vendor) {
66 case PCI_VENDOR_ID_INTEL:
67 switch (pdev->device) {
68 case PCI_DEVICE_ID_INTEL_QAT_C3XXX:
69 case PCI_DEVICE_ID_INTEL_QAT_C3XXX_VF:
70 case PCI_DEVICE_ID_INTEL_QAT_C62X:
71 case PCI_DEVICE_ID_INTEL_QAT_C62X_VF:
72 case PCI_DEVICE_ID_INTEL_QAT_DH895XCC:
73 case PCI_DEVICE_ID_INTEL_QAT_DH895XCC_VF:
74 return true;
75 default:
76 return false;
77 }
78 }
79
80 return false;
81}
82
83static bool vfio_pci_is_denylisted(struct pci_dev *pdev)
84{
85 if (!vfio_pci_dev_in_denylist(pdev))
86 return false;
87
88 if (disable_denylist) {
89 pci_warn(pdev,
90 "device denylist disabled - allowing device %04x:%04x.\n",
91 pdev->vendor, pdev->device);
92 return false;
93 }
94
95 pci_warn(pdev, "%04x:%04x exists in vfio-pci device denylist, driver probing disallowed.\n",
96 pdev->vendor, pdev->device);
97
98 return true;
99}
100
101static int vfio_pci_open_device(struct vfio_device *core_vdev)
102{
103 struct vfio_pci_core_device *vdev =
104 container_of(core_vdev, struct vfio_pci_core_device, vdev);
105 struct pci_dev *pdev = vdev->pdev;
106 int ret;
107
108 ret = vfio_pci_core_enable(vdev);
109 if (ret)
110 return ret;
111
112 if (vfio_pci_is_vga(pdev) &&
113 pdev->vendor == PCI_VENDOR_ID_INTEL &&
114 IS_ENABLED(CONFIG_VFIO_PCI_IGD)) {
115 ret = vfio_pci_igd_init(vdev);
116 if (ret && ret != -ENODEV) {
117 pci_warn(pdev, "Failed to setup Intel IGD regions\n");
118 vfio_pci_core_disable(vdev);
119 return ret;
120 }
121 }
122
123 vfio_pci_core_finish_enable(vdev);
124
125 return 0;
126}
127
128static const struct vfio_device_ops vfio_pci_ops = {
129 .name = "vfio-pci",
130 .open_device = vfio_pci_open_device,
131 .close_device = vfio_pci_core_close_device,
132 .ioctl = vfio_pci_core_ioctl,
133 .read = vfio_pci_core_read,
134 .write = vfio_pci_core_write,
135 .mmap = vfio_pci_core_mmap,
136 .request = vfio_pci_core_request,
137 .match = vfio_pci_core_match,
138};
139
140static int vfio_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
141{
142 struct vfio_pci_core_device *vdev;
143 int ret;
144
145 if (vfio_pci_is_denylisted(pdev))
146 return -EINVAL;
147
148 vdev = kzalloc(sizeof(*vdev), GFP_KERNEL);
149 if (!vdev)
150 return -ENOMEM;
151 vfio_pci_core_init_device(vdev, pdev, &vfio_pci_ops);
152
153 ret = vfio_pci_core_register_device(vdev);
154 if (ret)
155 goto out_free;
156 dev_set_drvdata(&pdev->dev, vdev);
157 return 0;
158
159out_free:
160 vfio_pci_core_uninit_device(vdev);
161 kfree(vdev);
162 return ret;
163}
164
165static void vfio_pci_remove(struct pci_dev *pdev)
166{
167 struct vfio_pci_core_device *vdev = dev_get_drvdata(&pdev->dev);
168
169 vfio_pci_core_unregister_device(vdev);
170 vfio_pci_core_uninit_device(vdev);
171 kfree(vdev);
172}
173
174static int vfio_pci_sriov_configure(struct pci_dev *pdev, int nr_virtfn)
175{
176 if (!enable_sriov)
177 return -ENOENT;
178
179 return vfio_pci_core_sriov_configure(pdev, nr_virtfn);
180}
181
182static const struct pci_device_id vfio_pci_table[] = {
183 { PCI_DRIVER_OVERRIDE_DEVICE_VFIO(PCI_ANY_ID, PCI_ANY_ID) },
184 {}
185};
186
187MODULE_DEVICE_TABLE(pci, vfio_pci_table);
188
189static struct pci_driver vfio_pci_driver = {
190 .name = "vfio-pci",
191 .id_table = vfio_pci_table,
192 .probe = vfio_pci_probe,
193 .remove = vfio_pci_remove,
194 .sriov_configure = vfio_pci_sriov_configure,
195 .err_handler = &vfio_pci_core_err_handlers,
196};
197
198static void __init vfio_pci_fill_ids(void)
199{
200 char *p, *id;
201 int rc;
202
203
204 if (ids[0] == '\0')
205 return;
206
207
208 p = ids;
209 while ((id = strsep(&p, ","))) {
210 unsigned int vendor, device, subvendor = PCI_ANY_ID,
211 subdevice = PCI_ANY_ID, class = 0, class_mask = 0;
212 int fields;
213
214 if (!strlen(id))
215 continue;
216
217 fields = sscanf(id, "%x:%x:%x:%x:%x:%x",
218 &vendor, &device, &subvendor, &subdevice,
219 &class, &class_mask);
220
221 if (fields < 2) {
222 pr_warn("invalid id string \"%s\"\n", id);
223 continue;
224 }
225
226 rc = pci_add_dynid(&vfio_pci_driver, vendor, device,
227 subvendor, subdevice, class, class_mask, 0);
228 if (rc)
229 pr_warn("failed to add dynamic id [%04x:%04x[%04x:%04x]] class %#08x/%08x (%d)\n",
230 vendor, device, subvendor, subdevice,
231 class, class_mask, rc);
232 else
233 pr_info("add [%04x:%04x[%04x:%04x]] class %#08x/%08x\n",
234 vendor, device, subvendor, subdevice,
235 class, class_mask);
236 }
237}
238
239static int __init vfio_pci_init(void)
240{
241 int ret;
242 bool is_disable_vga = true;
243
244#ifdef CONFIG_VFIO_PCI_VGA
245 is_disable_vga = disable_vga;
246#endif
247
248 vfio_pci_core_set_params(nointxmask, is_disable_vga, disable_idle_d3);
249
250
251 ret = pci_register_driver(&vfio_pci_driver);
252 if (ret)
253 return ret;
254
255 vfio_pci_fill_ids();
256
257 if (disable_denylist)
258 pr_warn("device denylist disabled.\n");
259
260 return 0;
261}
262module_init(vfio_pci_init);
263
264static void __exit vfio_pci_cleanup(void)
265{
266 pci_unregister_driver(&vfio_pci_driver);
267}
268module_exit(vfio_pci_cleanup);
269
270MODULE_LICENSE("GPL v2");
271MODULE_AUTHOR(DRIVER_AUTHOR);
272MODULE_DESCRIPTION(DRIVER_DESC);
273
