// SPDX-License-Identifier: GPL-2.0
/*
 * Access to PCI I/O memory from user space programs.
 *
 * Copyright IBM Corp. 2014
 * Author(s): Alexey Ishchuk <aishchuk@linux.vnet.ibm.com>
 */
8*4882a593Smuzhiyun #include <linux/kernel.h>
9*4882a593Smuzhiyun #include <linux/syscalls.h>
10*4882a593Smuzhiyun #include <linux/init.h>
11*4882a593Smuzhiyun #include <linux/mm.h>
12*4882a593Smuzhiyun #include <linux/errno.h>
13*4882a593Smuzhiyun #include <linux/pci.h>
14*4882a593Smuzhiyun #include <asm/pci_io.h>
15*4882a593Smuzhiyun #include <asm/pci_debug.h>
16*4882a593Smuzhiyun
/*
 * Record a failed MMIO access in the zPCI error log.
 *
 * Packs the failing offset, the condition/return code and the status byte
 * into one small record and hands it to zpci_err_hex().
 *
 * Note: @cc is a u8. The callers in this file pass their int return code,
 * which can be a negative errno, so the logged value is that code narrowed
 * to eight bits.
 */
static inline void zpci_err_mmio(u8 cc, u8 status, u64 offset)
{
	struct {
		u64 offset;
		u8 cc;
		u8 status;
	} rec = {
		.offset = offset,
		.cc = cc,
		.status = status,
	};

	zpci_err_hex(&rec, sizeof(rec));
}
27*4882a593Smuzhiyun
/*
 * Store a block of @len bytes from the user buffer @src to the PCI I/O
 * address @ioaddr with a single store instruction (presumably pcistb, going
 * by the function name; the opcode is emitted with .insn).
 *
 * The instruction runs between "sacf 256" and "sacf 768". The comment in
 * __pcistg_mio_inuser() describes that window as the secondary address
 * space, in which the user mappings are used.
 *
 * Returns the condition code extracted by ipm/srl, or -ENXIO when an
 * exception is taken at label 0 or 1: the exception table then resumes at
 * label 2 and @cc keeps its initial value.
 * *@status receives bits 24-31 of @len as left behind by the instruction.
 *
 * NOTE(review): @src is not range-checked here; a bad user pointer is
 * expected to surface through the exception table entries - confirm that
 * callers do not rely on an access_ok()-style check.
 */
static inline int __pcistb_mio_inuser(
		void __iomem *ioaddr, const void __user *src,
		u64 len, u8 *status)
{
	int cc = -ENXIO;

	asm volatile (
		" sacf 256\n"
		"0: .insn rsy,0xeb00000000d4,%[len],%[ioaddr],%[src]\n"
		"1: ipm %[cc]\n"
		" srl %[cc],28\n"
		"2: sacf 768\n"
		EX_TABLE(0b, 2b) EX_TABLE(1b, 2b)
		: [cc] "+d" (cc), [len] "+d" (len)
		: [ioaddr] "a" (ioaddr), [src] "Q" (*((u8 __force *)src))
		: "cc", "memory");
	/* @len is an in/out operand: the status byte is read back from it */
	*status = len >> 24 & 0xff;
	return cc;
}
47*4882a593Smuzhiyun
/*
 * Store @ulen bytes (0 < @ulen <= 8) from the user buffer @src to the PCI
 * I/O address @ioaddr.
 *
 * The bytes are gathered one at a time into a register and then written
 * with a single store instruction (presumably pcistg, per the function name
 * and the comment below).
 *
 * Returns the condition code of the store, or -ENXIO when an exception is
 * taken anywhere in the sequence: every exception table entry resumes at
 * label 3 and leaves @cc untouched.
 * *@status receives bits 24-31 of the length register after the store.
 *
 * The byte loop uses brctg on @cnt, so a zero @ulen must never be passed;
 * the caller in this file only passes the size it gets from
 * zpci_get_max_write_size().
 */
static inline int __pcistg_mio_inuser(
		void __iomem *ioaddr, const void __user *src,
		u64 ulen, u8 *status)
{
	/*
	 * addr and len are pinned to r2 and r3. %[len] is never named in the
	 * template, so the store at label 1 presumably takes both as a
	 * register pair starting at %[ioaddr] - confirm.
	 */
	register u64 addr asm("2") = (u64 __force) ioaddr;
	register u64 len asm("3") = ulen;
	int cc = -ENXIO;
	u64 val = 0;
	u64 cnt = ulen;
	u8 tmp;

	/*
	 * copy 0 < @len <= 8 bytes from @src into the right most bytes of
	 * a register, then store it to PCI at @ioaddr while in secondary
	 * address space. pcistg then uses the user mappings.
	 */
	asm volatile (
		" sacf 256\n"
		"0: llgc %[tmp],0(%[src])\n"
		"4: sllg %[val],%[val],8\n"
		" aghi %[src],1\n"
		" ogr %[val],%[tmp]\n"
		" brctg %[cnt],0b\n"
		"1: .insn rre,0xb9d40000,%[val],%[ioaddr]\n"
		"2: ipm %[cc]\n"
		" srl %[cc],28\n"
		"3: sacf 768\n"
		EX_TABLE(0b, 3b) EX_TABLE(4b, 3b) EX_TABLE(1b, 3b) EX_TABLE(2b, 3b)
		:
		[src] "+a" (src), [cnt] "+d" (cnt),
		[val] "+d" (val), [tmp] "=d" (tmp),
		[len] "+d" (len), [cc] "+d" (cc),
		[ioaddr] "+a" (addr)
		:: "cc", "memory");
	*status = len >> 24 & 0xff;

	/*
	 * did we read everything from user memory?
	 *
	 * NOTE(review): @cc is only overwritten at label 2, after the byte
	 * loop has finished. A fault on the user load (labels 0/4) therefore
	 * leaves cc at -ENXIO, so this branch looks unreachable as written
	 * and a bad @src is reported as -ENXIO rather than -EFAULT - confirm.
	 */
	if (!cc && cnt != 0)
		cc = -EFAULT;

	return cc;
}
90*4882a593Smuzhiyun
/*
 * Copy @n bytes from the user buffer @src to the PCI I/O address @dst.
 *
 * The transfer is split into chunks whose size is chosen by
 * zpci_get_max_write_size(). Chunks larger than 8 bytes use the block store
 * helper, smaller ones the register store helper. The loop stops at the
 * first chunk that reports a non-zero code.
 *
 * Returns 0 on success, -EINVAL for a NULL @src, otherwise the non-zero
 * code from the failing helper. On failure the code, the last status byte
 * and the current @dst are written to the zPCI error log.
 *
 * Apart from the NULL check, @src is not validated in this function; faults
 * on the user buffer are left to the exception tables inside the helpers.
 */
static inline int __memcpy_toio_inuser(void __iomem *dst,
				   const void __user *src, size_t n)
{
	mm_segment_t saved_fs;
	u8 status = 0;
	int rc = 0;
	int chunk;

	if (!src)
		return -EINVAL;

	saved_fs = enable_sacf_uaccess();
	for (; n > 0; src += chunk, dst += chunk, n -= chunk) {
		chunk = zpci_get_max_write_size((u64 __force) dst,
						(u64 __force) src, n,
						ZPCI_MAX_WRITE_SIZE);
		/* more than 8 bytes: block store (main path) */
		rc = (chunk > 8) ?
			__pcistb_mio_inuser(dst, src, chunk, &status) :
			__pcistg_mio_inuser(dst, src, chunk, &status);
		if (rc)
			break;
	}
	disable_sacf_uaccess(saved_fs);

	if (rc)
		zpci_err_mmio(rc, status, (__force u64) dst);
	return rc;
}
121*4882a593Smuzhiyun
/*
 * Translate @user_addr in the current process into a page frame number.
 *
 * Under the mmap read lock, look up the VMA that contains @user_addr,
 * require that at least one of the @access bits is set in its vm_flags, and
 * let follow_pfn() fill in *@pfn.
 *
 * Returns -EINVAL when no VMA covers the address, -EACCES when the VMA
 * lacks the requested access, otherwise the result of follow_pfn().
 *
 * NOTE(review): the mmap lock is dropped before returning, so *@pfn is only
 * a snapshot. Nothing visible in this function keeps the mapping in place
 * while the caller uses the value - confirm that a concurrent unmap or
 * remap cannot invalidate it before the I/O access is issued.
 */
static long get_pfn(unsigned long user_addr, unsigned long access,
		    unsigned long *pfn)
{
	struct vm_area_struct *vma;
	long ret;

	mmap_read_lock(current->mm);

	vma = find_vma(current->mm, user_addr);
	if (!vma || user_addr < vma->vm_start)
		ret = -EINVAL;		/* address is not inside any VMA */
	else if (!(vma->vm_flags & access))
		ret = -EACCES;		/* mapping lacks the requested access */
	else
		ret = follow_pfn(vma, user_addr, pfn);

	mmap_read_unlock(current->mm);
	return ret;
}
141*4882a593Smuzhiyun
/*
 * s390_pci_mmio_write - write @length bytes from @user_buffer to the PCI
 * I/O memory that the caller has mapped at @mmio_addr.
 *
 * Returns -ENODEV when zPCI is not enabled and -EINVAL when @length is zero
 * or the access would cross the end of the page containing @mmio_addr.
 * That check also bounds @length, and with it the kmalloc() below, to one
 * page.
 */
SYSCALL_DEFINE3(s390_pci_mmio_write, unsigned long, mmio_addr,
		const void __user *, user_buffer, size_t, length)
{
	unsigned long page_off = mmio_addr & ~PAGE_MASK;
	u8 local_buf[64];
	void __iomem *io_addr;
	void *buf = local_buf;
	unsigned long pfn;
	long ret;

	if (!zpci_is_enabled())
		return -ENODEV;

	if (!length || PAGE_SIZE - page_off < length)
		return -EINVAL;

	/*
	 * On a MIO enabled system only MIO capable devices are supported
	 * for writes. Anything else would mean testing every address for
	 * being a special ZPCI_ADDR and doing a get_pfn(), which MIO
	 * capable devices do not need. ISM devices are currently the only
	 * ones without MIO support and there is no known need to access
	 * them from userspace.
	 *
	 * In this path @mmio_addr is handed to the helper as is, with no
	 * VMA or permission lookup in this function.
	 */
	if (static_branch_likely(&have_mio))
		return __memcpy_toio_inuser((void __iomem *) mmio_addr,
					    user_buffer, length);

	/* small transfers are staged on the stack, larger ones on the heap */
	if (length > sizeof(local_buf)) {
		buf = kmalloc(length, GFP_KERNEL);
		if (!buf)
			return -ENOMEM;
	}

	ret = get_pfn(mmio_addr, VM_WRITE, &pfn);
	if (ret)
		goto out;

	/*
	 * NOTE(review): get_pfn() has already released the mmap lock when
	 * it returns, so nothing visible here keeps this translation stable
	 * until zpci_memcpy_toio() runs. Confirm that a concurrent unmap is
	 * excluded elsewhere; doing the lookup and the access under the
	 * page-table lock would close the window.
	 */
	io_addr = (void __iomem *)((pfn << PAGE_SHIFT) | page_off);

	/* reject targets below the zPCI iomap range and unreadable buffers */
	if ((unsigned long) io_addr < ZPCI_IOMAP_ADDR_BASE ||
	    copy_from_user(buf, user_buffer, length)) {
		ret = -EFAULT;
		goto out;
	}

	ret = zpci_memcpy_toio(io_addr, buf, length);
out:
	if (buf != local_buf)
		kfree(buf);
	return ret;
}
198*4882a593Smuzhiyun
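/*
 * Load @ulen bytes (0 < @ulen <= 8) from the PCI I/O address @ioaddr and
 * store them to the user buffer @dst.
 *
 * The value is fetched into a register with one load instruction and then
 * written out a byte at a time, most significant byte first.
 *
 * Returns the condition code of the load when it is non-zero (nothing is
 * stored in that case), -ENXIO when the load or the following ipm takes an
 * exception, -EFAULT when a store to @dst faults before all bytes were
 * written, and 0 on success.
 * *@status receives bits 24-31 of the length register after the load.
 */
static inline int __pcilg_mio_inuser(
		void __user *dst, const void __iomem *ioaddr,
		u64 ulen, u8 *status)
{
	/*
	 * addr and len are pinned to r2 and r3. %[len] is never named in the
	 * template, so the load at label 0 presumably takes both as a
	 * register pair starting at %[ioaddr] - confirm.
	 */
	register u64 addr asm("2") = (u64 __force) ioaddr;
	register u64 len asm("3") = ulen;
	u64 cnt = ulen;
	int shift = ulen * 8;
	int cc = -ENXIO;
	u64 val, tmp;

	/*
	 * read 0 < @len <= 8 bytes from the PCI memory mapped at @ioaddr (in
	 * user space) into a register using pcilg then store these bytes at
	 * user address @dst
	 *
	 * %[shift] is used as the base register of the srlg shift count.
	 * Register 0 in a base field means "no base", i.e. a shift count of
	 * zero, so the operand needs the "a" (address register) constraint
	 * rather than "d" to keep the compiler from assigning r0 to it.
	 */
	asm volatile (
		" sacf 256\n"
		"0: .insn rre,0xb9d60000,%[val],%[ioaddr]\n"
		"1: ipm %[cc]\n"
		" srl %[cc],28\n"
		" ltr %[cc],%[cc]\n"
		" jne 4f\n"
		"2: ahi %[shift],-8\n"
		" srlg %[tmp],%[val],0(%[shift])\n"
		"3: stc %[tmp],0(%[dst])\n"
		"5: aghi %[dst],1\n"
		" brctg %[cnt],2b\n"
		"4: sacf 768\n"
		EX_TABLE(0b, 4b) EX_TABLE(1b, 4b) EX_TABLE(3b, 4b) EX_TABLE(5b, 4b)
		:
		[cc] "+d" (cc), [val] "=d" (val), [len] "+d" (len),
		[dst] "+a" (dst), [cnt] "+d" (cnt), [tmp] "=d" (tmp),
		[shift] "+a" (shift)
		:
		[ioaddr] "a" (addr)
		: "cc", "memory");

	/*
	 * did we write everything to the user space buffer?
	 * cc is already 0 once the store loop starts, so a fault on @dst
	 * leaves cnt non-zero and is turned into -EFAULT here.
	 */
	if (!cc && cnt != 0)
		cc = -EFAULT;

	*status = len >> 24 & 0xff;
	return cc;
}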
244*4882a593Smuzhiyun
/*
 * Copy @n bytes from the PCI I/O address @src to the user buffer @dst.
 *
 * The transfer is split into chunks sized by zpci_get_max_write_size() with
 * ZPCI_MAX_READ_SIZE as the limit; each chunk goes through
 * __pcilg_mio_inuser(). The loop stops at the first non-zero code.
 *
 * Returns 0 on success, otherwise the code from the failing chunk. On
 * failure the code, the status byte of that chunk and the current @dst are
 * written to the zPCI error log.
 *
 * @dst is not checked in this function (the write-side counterpart rejects
 * a NULL source); a bad pointer is expected to fault inside the helper and
 * come back as an error.
 */
static inline int __memcpy_fromio_inuser(void __user *dst,
					 const void __iomem *src,
					 unsigned long n)
{
	mm_segment_t saved_fs;
	int rc = 0;
	int chunk;
	u8 status;	/* written by the helper before it is ever read */

	saved_fs = enable_sacf_uaccess();
	for (; n > 0; src += chunk, dst += chunk, n -= chunk) {
		chunk = zpci_get_max_write_size((u64 __force) src,
						(u64 __force) dst, n,
						ZPCI_MAX_READ_SIZE);
		rc = __pcilg_mio_inuser(dst, src, chunk, &status);
		if (rc)
			break;
	}
	disable_sacf_uaccess(saved_fs);

	if (rc)
		zpci_err_mmio(rc, status, (__force u64) dst);
	return rc;
}
270*4882a593Smuzhiyun
/*
 * s390_pci_mmio_read - read @length bytes from the PCI I/O memory that the
 * caller has mapped at @mmio_addr into @user_buffer.
 *
 * Returns -ENODEV when zPCI is not enabled and -EINVAL when @length is zero
 * or the access would cross the end of the page containing @mmio_addr.
 * That check also bounds @length, and with it the kmalloc() below, to one
 * page.
 */
SYSCALL_DEFINE3(s390_pci_mmio_read, unsigned long, mmio_addr,
		void __user *, user_buffer, size_t, length)
{
	unsigned long page_off = mmio_addr & ~PAGE_MASK;
	u8 local_buf[64];
	void __iomem *io_addr;
	void *buf = local_buf;
	unsigned long pfn;
	long ret;

	if (!zpci_is_enabled())
		return -ENODEV;

	if (!length || PAGE_SIZE - page_off < length)
		return -EINVAL;

	/*
	 * On a MIO enabled system only MIO capable devices are supported
	 * for reads. Anything else would mean testing every address for
	 * being a special ZPCI_ADDR and doing a get_pfn(), which MIO
	 * capable devices do not need. ISM devices are currently the only
	 * ones without MIO support and there is no known need to access
	 * them from userspace.
	 *
	 * In this path @mmio_addr is handed to the helper as is, with no
	 * VMA or permission lookup in this function.
	 */
	if (static_branch_likely(&have_mio))
		return __memcpy_fromio_inuser(
				user_buffer, (const void __iomem *)mmio_addr,
				length);

	/* small transfers are staged on the stack, larger ones on the heap */
	if (length > sizeof(local_buf)) {
		buf = kmalloc(length, GFP_KERNEL);
		if (!buf)
			return -ENOMEM;
	}

	ret = get_pfn(mmio_addr, VM_READ, &pfn);
	if (ret)
		goto out;

	/*
	 * NOTE(review): get_pfn() has already released the mmap lock when
	 * it returns, so nothing visible here keeps this translation stable
	 * until zpci_memcpy_fromio() runs. Confirm that a concurrent unmap
	 * is excluded elsewhere; doing the lookup and the access under the
	 * page-table lock would close the window.
	 */
	io_addr = (void __iomem *)((pfn << PAGE_SHIFT) | page_off);

	/* reject targets below the zPCI iomap range */
	if ((unsigned long) io_addr < ZPCI_IOMAP_ADDR_BASE) {
		ret = -EFAULT;
		goto out;
	}

	ret = zpci_memcpy_fromio(buf, io_addr, length);
	if (!ret && copy_to_user(user_buffer, buf, length))
		ret = -EFAULT;

out:
	if (buf != local_buf)
		kfree(buf);
	return ret;
}