]> Git Repo - linux.git/blame - drivers/cxl/pci.c
projects / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
cxl/pci: Ignore unknown register block types
[linux.git] / drivers / cxl / pci.c
CommitLineData
4cdadfd5
DW		 1// SPDX-License-Identifier: GPL-2.0-only
2/* Copyright(c) 2020 Intel Corporation. All rights reserved. */
583fa5e7 3#include <uapi/linux/cxl_mem.h>
13237183
BW		 4#include <linux/security.h>
5#include <linux/debugfs.h>
4cdadfd5 6#include <linux/module.h>
fae8817a 7#include <linux/sizes.h>
b39cb105 8#include <linux/mutex.h>
30af9729 9#include <linux/list.h>
b39cb105
DW		 10#include <linux/cdev.h>
11#include <linux/idr.h>
4cdadfd5
DW		 12#include <linux/pci.h>
13#include <linux/io.h>
8adaf747 14#include <linux/io-64-nonatomic-lo-hi.h>
5161a55c 15#include "cxlmem.h"
4cdadfd5 16#include "pci.h"
8adaf747
BW		 17#include "cxl.h"
18
19/**
21e9f767 20 * DOC: cxl pci
8adaf747 21 *
21e9f767
BW		 22 * This implements the PCI exclusive functionality for a CXL device as it is
23 * defined by the Compute Express Link specification. CXL devices may surface
24 * certain functionality even if it isn't CXL enabled.
8adaf747
BW		 25 *
26 * The driver has several responsibilities, mainly:
27 * - Create the memX device and register on the CXL bus.
28 * - Enumerate device's register interface and map them.
29 * - Probe the device attributes to establish sysfs interface.
30 * - Provide an IOCTL interface to userspace to communicate with the device for
31 * things like firmware update.
8adaf747
BW		 32 */
33
34#define cxl_doorbell_busy(cxlm) \
8ac75dd6 35 (readl((cxlm)->regs.mbox + CXLDEV_MBOX_CTRL_OFFSET) & \
8adaf747
BW		 36 CXLDEV_MBOX_CTRL_DOORBELL)
37
38/* CXL 2.0 - 8.2.8.4 */
39#define CXL_MAILBOX_TIMEOUT_MS (2 * HZ)
40
41enum opcode {
583fa5e7 42 CXL_MBOX_OP_INVALID = 0x0000,
13237183 43 CXL_MBOX_OP_RAW = CXL_MBOX_OP_INVALID,
57ee605b 44 CXL_MBOX_OP_GET_FW_INFO = 0x0200,
13237183 45 CXL_MBOX_OP_ACTIVATE_FW = 0x0202,
472b1ce6
BW		 46 CXL_MBOX_OP_GET_SUPPORTED_LOGS = 0x0400,
47 CXL_MBOX_OP_GET_LOG = 0x0401,
8adaf747 48 CXL_MBOX_OP_IDENTIFY = 0x4000,
57ee605b 49 CXL_MBOX_OP_GET_PARTITION_INFO = 0x4100,
13237183 50 CXL_MBOX_OP_SET_PARTITION_INFO = 0x4101,
57ee605b 51 CXL_MBOX_OP_GET_LSA = 0x4102,
13237183 52 CXL_MBOX_OP_SET_LSA = 0x4103,
57ee605b 53 CXL_MBOX_OP_GET_HEALTH_INFO = 0x4200,
87815ee9
BW		 54 CXL_MBOX_OP_GET_ALERT_CONFIG = 0x4201,
55 CXL_MBOX_OP_SET_ALERT_CONFIG = 0x4202,
56 CXL_MBOX_OP_GET_SHUTDOWN_STATE = 0x4203,
13237183 57 CXL_MBOX_OP_SET_SHUTDOWN_STATE = 0x4204,
87815ee9
BW		 58 CXL_MBOX_OP_GET_POISON = 0x4300,
59 CXL_MBOX_OP_INJECT_POISON = 0x4301,
60 CXL_MBOX_OP_CLEAR_POISON = 0x4302,
61 CXL_MBOX_OP_GET_SCAN_MEDIA_CAPS = 0x4303,
13237183
BW		 62 CXL_MBOX_OP_SCAN_MEDIA = 0x4304,
63 CXL_MBOX_OP_GET_SCAN_MEDIA = 0x4305,
8adaf747
BW		 64 CXL_MBOX_OP_MAX = 0x10000
65};
66
67/**
68 * struct mbox_cmd - A command to be submitted to hardware.
69 * @opcode: (input) The command set and command submitted to hardware.
70 * @payload_in: (input) Pointer to the input payload.
71 * @payload_out: (output) Pointer to the output payload. Must be allocated by
72 * the caller.
73 * @size_in: (input) Number of bytes to load from @payload_in.
74 * @size_out: (input) Max number of bytes loaded into @payload_out.
75 * (output) Number of bytes generated by the device. For fixed size
76 * outputs commands this is always expected to be deterministic. For
77 * variable sized output commands, it tells the exact number of bytes
78 * written.
79 * @return_code: (output) Error code returned from hardware.
80 *
81 * This is the primary mechanism used to send commands to the hardware.
82 * All the fields except @payload_* correspond exactly to the fields described in
83 * Command Register section of the CXL 2.0 8.2.8.4.5. @payload_in and
84 * @payload_out are written to, and read from the Command Payload Registers
85 * defined in CXL 2.0 8.2.8.4.8.
86 */
87struct mbox_cmd {
88 u16 opcode;
89 void *payload_in;
90 void *payload_out;
91 size_t size_in;
92 size_t size_out;
93 u16 return_code;
94#define CXL_MBOX_SUCCESS 0
95};
96
58775159 97static DECLARE_RWSEM(cxl_memdev_rwsem);
13237183
BW		 98static struct dentry *cxl_debugfs;
99static bool cxl_raw_allow_all;
b39cb105 100
472b1ce6
BW		 101enum {
102 CEL_UUID,
103 VENDOR_DEBUG_UUID,
104};
105
106/* See CXL 2.0 Table 170. Get Log Input Payload */
107static const uuid_t log_uuid[] = {
108 [CEL_UUID] = UUID_INIT(0xda9c0b5, 0xbf41, 0x4b78, 0x8f, 0x79, 0x96,
109 0xb1, 0x62, 0x3b, 0x3f, 0x17),
110 [VENDOR_DEBUG_UUID] = UUID_INIT(0xe1819d9, 0x11a9, 0x400c, 0x81, 0x1f,
111 0xd6, 0x07, 0x19, 0x40, 0x3d, 0x86),
112};
113
583fa5e7
BW		 114/**
115 * struct cxl_mem_command - Driver representation of a memory device command
116 * @info: Command information as it exists for the UAPI
117 * @opcode: The actual bits used for the mailbox protocol
472b1ce6
BW		 118 * @flags: Set of flags effecting driver behavior.
119 *
120 * * %CXL_CMD_FLAG_FORCE_ENABLE: In cases of error, commands with this flag
121 * will be enabled by the driver regardless of what hardware may have
122 * advertised.
583fa5e7
BW		 123 *
124 * The cxl_mem_command is the driver's internal representation of commands that
125 * are supported by the driver. Some of these commands may not be supported by
126 * the hardware. The driver will use @info to validate the fields passed in by
127 * the user then submit the @opcode to the hardware.
128 *
129 * See struct cxl_command_info.
130 */
131struct cxl_mem_command {
132 struct cxl_command_info info;
133 enum opcode opcode;
472b1ce6
BW		 134 u32 flags;
135#define CXL_CMD_FLAG_NONE 0
136#define CXL_CMD_FLAG_FORCE_ENABLE BIT(0)
583fa5e7
BW		 137};
138
472b1ce6 139#define CXL_CMD(_id, sin, sout, _flags) \
583fa5e7
BW		 140 [CXL_MEM_COMMAND_ID_##_id] = { \
141 .info = { \
142 .id = CXL_MEM_COMMAND_ID_##_id, \
143 .size_in = sin, \
144 .size_out = sout, \
145 }, \
146 .opcode = CXL_MBOX_OP_##_id, \
472b1ce6 147 .flags = _flags, \
583fa5e7
BW		 148 }
149
150/*
151 * This table defines the supported mailbox commands for the driver. This table
152 * is made up of a UAPI structure. Non-negative values as parameters in the
153 * table will be validated against the user's input. For example, if size_in is
154 * 0, and the user passed in 1, it is an error.
155 */
392be0bd 156static struct cxl_mem_command mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
472b1ce6 157 CXL_CMD(IDENTIFY, 0, 0x43, CXL_CMD_FLAG_FORCE_ENABLE),
13237183 158#ifdef CONFIG_CXL_MEM_RAW_COMMANDS
472b1ce6 159 CXL_CMD(RAW, ~0, ~0, 0),
13237183 160#endif
472b1ce6 161 CXL_CMD(GET_SUPPORTED_LOGS, 0, ~0, CXL_CMD_FLAG_FORCE_ENABLE),
57ee605b
BW		 162 CXL_CMD(GET_FW_INFO, 0, 0x50, 0),
163 CXL_CMD(GET_PARTITION_INFO, 0, 0x20, 0),
164 CXL_CMD(GET_LSA, 0x8, ~0, 0),
165 CXL_CMD(GET_HEALTH_INFO, 0, 0x12, 0),
166 CXL_CMD(GET_LOG, 0x18, ~0, CXL_CMD_FLAG_FORCE_ENABLE),
87815ee9
BW		 167 CXL_CMD(SET_PARTITION_INFO, 0x0a, 0, 0),
168 CXL_CMD(SET_LSA, ~0, 0, 0),
169 CXL_CMD(GET_ALERT_CONFIG, 0, 0x10, 0),
170 CXL_CMD(SET_ALERT_CONFIG, 0xc, 0, 0),
171 CXL_CMD(GET_SHUTDOWN_STATE, 0, 0x1, 0),
172 CXL_CMD(SET_SHUTDOWN_STATE, 0x1, 0, 0),
173 CXL_CMD(GET_POISON, 0x10, ~0, 0),
174 CXL_CMD(INJECT_POISON, 0x8, 0, 0),
175 CXL_CMD(CLEAR_POISON, 0x48, 0, 0),
176 CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
177 CXL_CMD(SCAN_MEDIA, 0x11, 0, 0),
178 CXL_CMD(GET_SCAN_MEDIA, 0, ~0, 0),
13237183
BW		 179};
180
181/*
182 * Commands that RAW doesn't permit. The rationale for each:
183 *
184 * CXL_MBOX_OP_ACTIVATE_FW: Firmware activation requires adjustment /
185 * coordination of transaction timeout values at the root bridge level.
186 *
187 * CXL_MBOX_OP_SET_PARTITION_INFO: The device memory map may change live
188 * and needs to be coordinated with HDM updates.
189 *
190 * CXL_MBOX_OP_SET_LSA: The label storage area may be cached by the
191 * driver and any writes from userspace invalidates those contents.
192 *
193 * CXL_MBOX_OP_SET_SHUTDOWN_STATE: Set shutdown state assumes no writes
194 * to the device after it is marked clean, userspace can not make that
195 * assertion.
196 *
197 * CXL_MBOX_OP_[GET_]SCAN_MEDIA: The kernel provides a native error list that
198 * is kept up to date with patrol notifications and error management.
199 */
200static u16 cxl_disabled_raw_commands[] = {
201 CXL_MBOX_OP_ACTIVATE_FW,
202 CXL_MBOX_OP_SET_PARTITION_INFO,
203 CXL_MBOX_OP_SET_LSA,
204 CXL_MBOX_OP_SET_SHUTDOWN_STATE,
205 CXL_MBOX_OP_SCAN_MEDIA,
206 CXL_MBOX_OP_GET_SCAN_MEDIA,
207};
208
209/*
210 * Command sets that RAW doesn't permit. All opcodes in this set are
211 * disabled because they pass plain text security payloads over the
212 * user/kernel boundary. This functionality is intended to be wrapped
213 * behind the keys ABI which allows for encrypted payloads in the UAPI
214 */
215static u8 security_command_sets[] = {
216 0x44, /* Sanitize */
217 0x45, /* Persistent Memory Data-at-rest Security */
218 0x46, /* Security Passthrough */
583fa5e7
BW		 219};
220
221#define cxl_for_each_cmd(cmd) \
222 for ((cmd) = &mem_commands[0]; \
223 ((cmd) - mem_commands) < ARRAY_SIZE(mem_commands); (cmd)++)
224
225#define cxl_cmd_count ARRAY_SIZE(mem_commands)
226
8adaf747
BW		 227static int cxl_mem_wait_for_doorbell(struct cxl_mem *cxlm)
228{
229 const unsigned long start = jiffies;
230 unsigned long end = start;
231
232 while (cxl_doorbell_busy(cxlm)) {
233 end = jiffies;
234
235 if (time_after(end, start + CXL_MAILBOX_TIMEOUT_MS)) {
236 /* Check again in case preempted before timeout test */
237 if (!cxl_doorbell_busy(cxlm))
238 break;
239 return -ETIMEDOUT;
240 }
241 cpu_relax();
242 }
243
244 dev_dbg(&cxlm->pdev->dev, "Doorbell wait took %dms",
245 jiffies_to_msecs(end) - jiffies_to_msecs(start));
246 return 0;
247}
248
13237183
BW		 249static bool cxl_is_security_command(u16 opcode)
250{
251 int i;
252
253 for (i = 0; i < ARRAY_SIZE(security_command_sets); i++)
254 if (security_command_sets[i] == (opcode >> 8))
255 return true;
256 return false;
257}
258
8adaf747
BW		 259static void cxl_mem_mbox_timeout(struct cxl_mem *cxlm,
260 struct mbox_cmd *mbox_cmd)
261{
262 struct device *dev = &cxlm->pdev->dev;
263
264 dev_dbg(dev, "Mailbox command (opcode: %#x size: %zub) timed out\n",
265 mbox_cmd->opcode, mbox_cmd->size_in);
266}
267
268/**
269 * __cxl_mem_mbox_send_cmd() - Execute a mailbox command
270 * @cxlm: The CXL memory device to communicate with.
271 * @mbox_cmd: Command to send to the memory device.
272 *
273 * Context: Any context. Expects mbox_mutex to be held.
274 * Return: -ETIMEDOUT if timeout occurred waiting for completion. 0 on success.
275 * Caller should check the return code in @mbox_cmd to make sure it
276 * succeeded.
277 *
278 * This is a generic form of the CXL mailbox send command thus only using the
279 * registers defined by the mailbox capability ID - CXL 2.0 8.2.8.4. Memory
280 * devices, and perhaps other types of CXL devices may have further information
281 * available upon error conditions. Driver facilities wishing to send mailbox
282 * commands should use the wrapper command.
283 *
284 * The CXL spec allows for up to two mailboxes. The intention is for the primary
285 * mailbox to be OS controlled and the secondary mailbox to be used by system
286 * firmware. This allows the OS and firmware to communicate with the device and
287 * not need to coordinate with each other. The driver only uses the primary
288 * mailbox.
289 */
290static int __cxl_mem_mbox_send_cmd(struct cxl_mem *cxlm,
291 struct mbox_cmd *mbox_cmd)
292{
8ac75dd6 293 void __iomem *payload = cxlm->regs.mbox + CXLDEV_MBOX_PAYLOAD_OFFSET;
8adaf747
BW		 294 u64 cmd_reg, status_reg;
295 size_t out_len;
296 int rc;
297
298 lockdep_assert_held(&cxlm->mbox_mutex);
299
300 /*
301 * Here are the steps from 8.2.8.4 of the CXL 2.0 spec.
302 * 1. Caller reads MB Control Register to verify doorbell is clear
303 * 2. Caller writes Command Register
304 * 3. Caller writes Command Payload Registers if input payload is non-empty
305 * 4. Caller writes MB Control Register to set doorbell
306 * 5. Caller either polls for doorbell to be clear or waits for interrupt if configured
307 * 6. Caller reads MB Status Register to fetch Return code
308 * 7. If command successful, Caller reads Command Register to get Payload Length
309 * 8. If output payload is non-empty, host reads Command Payload Registers
310 *
311 * Hardware is free to do whatever it wants before the doorbell is rung,
312 * and isn't allowed to change anything after it clears the doorbell. As
313 * such, steps 2 and 3 can happen in any order, and steps 6, 7, 8 can
314 * also happen in any order (though some orders might not make sense).
315 */
316
317 /* #1 */
318 if (cxl_doorbell_busy(cxlm)) {
319 dev_err_ratelimited(&cxlm->pdev->dev,
320 "Mailbox re-busy after acquiring\n");
321 return -EBUSY;
322 }
323
324 cmd_reg = FIELD_PREP(CXLDEV_MBOX_CMD_COMMAND_OPCODE_MASK,
325 mbox_cmd->opcode);
326 if (mbox_cmd->size_in) {
327 if (WARN_ON(!mbox_cmd->payload_in))
328 return -EINVAL;
329
330 cmd_reg |= FIELD_PREP(CXLDEV_MBOX_CMD_PAYLOAD_LENGTH_MASK,
331 mbox_cmd->size_in);
332 memcpy_toio(payload, mbox_cmd->payload_in, mbox_cmd->size_in);
333 }
334
335 /* #2, #3 */
8ac75dd6 336 writeq(cmd_reg, cxlm->regs.mbox + CXLDEV_MBOX_CMD_OFFSET);
8adaf747
BW		 337
338 /* #4 */
339 dev_dbg(&cxlm->pdev->dev, "Sending command\n");
340 writel(CXLDEV_MBOX_CTRL_DOORBELL,
8ac75dd6 341 cxlm->regs.mbox + CXLDEV_MBOX_CTRL_OFFSET);
8adaf747
BW		 342
343 /* #5 */
344 rc = cxl_mem_wait_for_doorbell(cxlm);
345 if (rc == -ETIMEDOUT) {
346 cxl_mem_mbox_timeout(cxlm, mbox_cmd);
347 return rc;
348 }
349
350 /* #6 */
8ac75dd6 351 status_reg = readq(cxlm->regs.mbox + CXLDEV_MBOX_STATUS_OFFSET);
8adaf747
BW		 352 mbox_cmd->return_code =
353 FIELD_GET(CXLDEV_MBOX_STATUS_RET_CODE_MASK, status_reg);
354
355 if (mbox_cmd->return_code != 0) {
356 dev_dbg(&cxlm->pdev->dev, "Mailbox operation had an error\n");
357 return 0;
358 }
359
360 /* #7 */
8ac75dd6 361 cmd_reg = readq(cxlm->regs.mbox + CXLDEV_MBOX_CMD_OFFSET);
8adaf747
BW		 362 out_len = FIELD_GET(CXLDEV_MBOX_CMD_PAYLOAD_LENGTH_MASK, cmd_reg);
363
364 /* #8 */
365 if (out_len && mbox_cmd->payload_out) {
366 /*
367 * Sanitize the copy. If hardware misbehaves, out_len per the
368 * spec can actually be greater than the max allowed size (21
369 * bits available but spec defined 1M max). The caller also may
370 * have requested less data than the hardware supplied even
371 * within spec.
372 */
373 size_t n = min3(mbox_cmd->size_out, cxlm->payload_size, out_len);
374
375 memcpy_fromio(mbox_cmd->payload_out, payload, n);
376 mbox_cmd->size_out = n;
377 } else {
378 mbox_cmd->size_out = 0;
379 }
380
381 return 0;
382}
383
384/**
385 * cxl_mem_mbox_get() - Acquire exclusive access to the mailbox.
386 * @cxlm: The memory device to gain access to.
387 *
388 * Context: Any context. Takes the mbox_mutex.
389 * Return: 0 if exclusive access was acquired.
390 */
391static int cxl_mem_mbox_get(struct cxl_mem *cxlm)
392{
393 struct device *dev = &cxlm->pdev->dev;
394 u64 md_status;
395 int rc;
396
397 mutex_lock_io(&cxlm->mbox_mutex);
398
399 /*
400 * XXX: There is some amount of ambiguity in the 2.0 version of the spec
401 * around the mailbox interface ready (8.2.8.5.1.1). The purpose of the
402 * bit is to allow firmware running on the device to notify the driver
403 * that it's ready to receive commands. It is unclear if the bit needs
404 * to be read for each transaction mailbox, ie. the firmware can switch
405 * it on and off as needed. Second, there is no defined timeout for
406 * mailbox ready, like there is for the doorbell interface.
407 *
408 * Assumptions:
409 * 1. The firmware might toggle the Mailbox Interface Ready bit, check
410 * it for every command.
411 *
412 * 2. If the doorbell is clear, the firmware should have first set the
413 * Mailbox Interface Ready bit. Therefore, waiting for the doorbell
414 * to be ready is sufficient.
415 */
416 rc = cxl_mem_wait_for_doorbell(cxlm);
417 if (rc) {
418 dev_warn(dev, "Mailbox interface not ready\n");
419 goto out;
420 }
421
8ac75dd6 422 md_status = readq(cxlm->regs.memdev + CXLMDEV_STATUS_OFFSET);
8adaf747
BW		 423 if (!(md_status & CXLMDEV_MBOX_IF_READY && CXLMDEV_READY(md_status))) {
424 dev_err(dev, "mbox: reported doorbell ready, but not mbox ready\n");
425 rc = -EBUSY;
426 goto out;
427 }
428
429 /*
430 * Hardware shouldn't allow a ready status but also have failure bits
431 * set. Spit out an error, this should be a bug report
432 */
433 rc = -EFAULT;
434 if (md_status & CXLMDEV_DEV_FATAL) {
435 dev_err(dev, "mbox: reported ready, but fatal\n");
436 goto out;
437 }
438 if (md_status & CXLMDEV_FW_HALT) {
439 dev_err(dev, "mbox: reported ready, but halted\n");
440 goto out;
441 }
442 if (CXLMDEV_RESET_NEEDED(md_status)) {
443 dev_err(dev, "mbox: reported ready, but reset needed\n");
444 goto out;
445 }
446
447 /* with lock held */
448 return 0;
449
450out:
451 mutex_unlock(&cxlm->mbox_mutex);
452 return rc;
453}
454
455/**
456 * cxl_mem_mbox_put() - Release exclusive access to the mailbox.
457 * @cxlm: The CXL memory device to communicate with.
458 *
459 * Context: Any context. Expects mbox_mutex to be held.
460 */
461static void cxl_mem_mbox_put(struct cxl_mem *cxlm)
462{
463 mutex_unlock(&cxlm->mbox_mutex);
464}
465
583fa5e7
BW		 466/**
467 * handle_mailbox_cmd_from_user() - Dispatch a mailbox command for userspace.
468 * @cxlm: The CXL memory device to communicate with.
469 * @cmd: The validated command.
470 * @in_payload: Pointer to userspace's input payload.
471 * @out_payload: Pointer to userspace's output payload.
472 * @size_out: (Input) Max payload size to copy out.
473 * (Output) Payload size hardware generated.
474 * @retval: Hardware generated return code from the operation.
475 *
476 * Return:
477 * * %0 - Mailbox transaction succeeded. This implies the mailbox
478 * protocol completed successfully not that the operation itself
479 * was successful.
480 * * %-ENOMEM - Couldn't allocate a bounce buffer.
481 * * %-EFAULT - Something happened with copy_to/from_user.
482 * * %-EINTR - Mailbox acquisition interrupted.
483 * * %-EXXX - Transaction level failures.
484 *
485 * Creates the appropriate mailbox command and dispatches it on behalf of a
486 * userspace request. The input and output payloads are copied between
487 * userspace.
488 *
489 * See cxl_send_cmd().
490 */
491static int handle_mailbox_cmd_from_user(struct cxl_mem *cxlm,
492 const struct cxl_mem_command *cmd,
493 u64 in_payload, u64 out_payload,
494 s32 *size_out, u32 *retval)
495{
496 struct device *dev = &cxlm->pdev->dev;
497 struct mbox_cmd mbox_cmd = {
498 .opcode = cmd->opcode,
499 .size_in = cmd->info.size_in,
500 .size_out = cmd->info.size_out,
501 };
502 int rc;
503
504 if (cmd->info.size_out) {
505 mbox_cmd.payload_out = kvzalloc(cmd->info.size_out, GFP_KERNEL);
506 if (!mbox_cmd.payload_out)
507 return -ENOMEM;
508 }
509
510 if (cmd->info.size_in) {
511 mbox_cmd.payload_in = vmemdup_user(u64_to_user_ptr(in_payload),
512 cmd->info.size_in);
88ff5d46
BW		 513 if (IS_ERR(mbox_cmd.payload_in)) {
514 kvfree(mbox_cmd.payload_out);
583fa5e7 515 return PTR_ERR(mbox_cmd.payload_in);
88ff5d46 516 }
583fa5e7
BW		 517 }
518
519 rc = cxl_mem_mbox_get(cxlm);
520 if (rc)
521 goto out;
522
523 dev_dbg(dev,
524 "Submitting %s command for user\n"
525 "\topcode: %x\n"
526 "\tsize: %ub\n",
527 cxl_command_names[cmd->info.id].name, mbox_cmd.opcode,
528 cmd->info.size_in);
529
13237183
BW		 530 dev_WARN_ONCE(dev, cmd->info.id == CXL_MEM_COMMAND_ID_RAW,
531 "raw command path used\n");
532
583fa5e7
BW		 533 rc = __cxl_mem_mbox_send_cmd(cxlm, &mbox_cmd);
534 cxl_mem_mbox_put(cxlm);
535 if (rc)
536 goto out;
537
538 /*
539 * @size_out contains the max size that's allowed to be written back out
540 * to userspace. While the payload may have written more output than
541 * this it will have to be ignored.
542 */
543 if (mbox_cmd.size_out) {
544 dev_WARN_ONCE(dev, mbox_cmd.size_out > *size_out,
545 "Invalid return size\n");
546 if (copy_to_user(u64_to_user_ptr(out_payload),
547 mbox_cmd.payload_out, mbox_cmd.size_out)) {
548 rc = -EFAULT;
549 goto out;
550 }
551 }
552
553 *size_out = mbox_cmd.size_out;
554 *retval = mbox_cmd.return_code;
555
556out:
557 kvfree(mbox_cmd.payload_in);
558 kvfree(mbox_cmd.payload_out);
559 return rc;
560}
561
13237183
BW		 562static bool cxl_mem_raw_command_allowed(u16 opcode)
563{
564 int i;
565
566 if (!IS_ENABLED(CONFIG_CXL_MEM_RAW_COMMANDS))
567 return false;
568
569 if (security_locked_down(LOCKDOWN_NONE))
570 return false;
571
572 if (cxl_raw_allow_all)
573 return true;
574
575 if (cxl_is_security_command(opcode))
576 return false;
577
578 for (i = 0; i < ARRAY_SIZE(cxl_disabled_raw_commands); i++)
579 if (cxl_disabled_raw_commands[i] == opcode)
580 return false;
581
582 return true;
583}
584
583fa5e7
BW		 585/**
586 * cxl_validate_cmd_from_user() - Check fields for CXL_MEM_SEND_COMMAND.
587 * @cxlm: &struct cxl_mem device whose mailbox will be used.
588 * @send_cmd: &struct cxl_send_command copied in from userspace.
589 * @out_cmd: Sanitized and populated &struct cxl_mem_command.
590 *
591 * Return:
592 * * %0 - @out_cmd is ready to send.
593 * * %-ENOTTY - Invalid command specified.
594 * * %-EINVAL - Reserved fields or invalid values were used.
595 * * %-ENOMEM - Input or output buffer wasn't sized properly.
13237183 596 * * %-EPERM - Attempted to use a protected command.
583fa5e7
BW		 597 *
598 * The result of this command is a fully validated command in @out_cmd that is
599 * safe to send to the hardware.
600 *
601 * See handle_mailbox_cmd_from_user()
602 */
603static int cxl_validate_cmd_from_user(struct cxl_mem *cxlm,
604 const struct cxl_send_command *send_cmd,
605 struct cxl_mem_command *out_cmd)
606{
607 const struct cxl_command_info *info;
608 struct cxl_mem_command *c;
609
610 if (send_cmd->id == 0 || send_cmd->id >= CXL_MEM_COMMAND_ID_MAX)
611 return -ENOTTY;
612
613 /*
614 * The user can never specify an input payload larger than what hardware
615 * supports, but output can be arbitrarily large (simply write out as
616 * much data as the hardware provides).
617 */
618 if (send_cmd->in.size > cxlm->payload_size)
619 return -EINVAL;
620
13237183
BW		 621 /*
622 * Checks are bypassed for raw commands but a WARN/taint will occur
623 * later in the callchain
624 */
625 if (send_cmd->id == CXL_MEM_COMMAND_ID_RAW) {
626 const struct cxl_mem_command temp = {
627 .info = {
628 .id = CXL_MEM_COMMAND_ID_RAW,
629 .flags = 0,
630 .size_in = send_cmd->in.size,
631 .size_out = send_cmd->out.size,
632 },
633 .opcode = send_cmd->raw.opcode
634 };
635
636 if (send_cmd->raw.rsvd)
637 return -EINVAL;
638
639 /*
640 * Unlike supported commands, the output size of RAW commands
641 * gets passed along without further checking, so it must be
642 * validated here.
643 */
644 if (send_cmd->out.size > cxlm->payload_size)
645 return -EINVAL;
646
647 if (!cxl_mem_raw_command_allowed(send_cmd->raw.opcode))
648 return -EPERM;
649
650 memcpy(out_cmd, &temp, sizeof(temp));
651
652 return 0;
653 }
654
583fa5e7
BW		 655 if (send_cmd->flags & ~CXL_MEM_COMMAND_FLAG_MASK)
656 return -EINVAL;
657
658 if (send_cmd->rsvd)
659 return -EINVAL;
660
661 if (send_cmd->in.rsvd || send_cmd->out.rsvd)
662 return -EINVAL;
663
664 /* Convert user's command into the internal representation */
665 c = &mem_commands[send_cmd->id];
666 info = &c->info;
667
472b1ce6
BW		 668 /* Check that the command is enabled for hardware */
669 if (!test_bit(info->id, cxlm->enabled_cmds))
670 return -ENOTTY;
671
583fa5e7
BW		 672 /* Check the input buffer is the expected size */
673 if (info->size_in >= 0 && info->size_in != send_cmd->in.size)
674 return -ENOMEM;
675
676 /* Check the output buffer is at least large enough */
677 if (info->size_out >= 0 && send_cmd->out.size < info->size_out)
678 return -ENOMEM;
679
680 memcpy(out_cmd, c, sizeof(*c));
681 out_cmd->info.size_in = send_cmd->in.size;
682 /*
683 * XXX: out_cmd->info.size_out will be controlled by the driver, and the
684 * specified number of bytes @send_cmd->out.size will be copied back out
685 * to userspace.
686 */
687
688 return 0;
689}
690
691static int cxl_query_cmd(struct cxl_memdev *cxlmd,
692 struct cxl_mem_query_commands __user *q)
693{
694 struct device *dev = &cxlmd->dev;
695 struct cxl_mem_command *cmd;
696 u32 n_commands;
697 int j = 0;
698
699 dev_dbg(dev, "Query IOCTL\n");
700
701 if (get_user(n_commands, &q->n_commands))
702 return -EFAULT;
703
704 /* returns the total number if 0 elements are requested. */
705 if (n_commands == 0)
706 return put_user(cxl_cmd_count, &q->n_commands);
707
708 /*
709 * otherwise, return max(n_commands, total commands) cxl_command_info
710 * structures.
711 */
712 cxl_for_each_cmd(cmd) {
713 const struct cxl_command_info *info = &cmd->info;
714
715 if (copy_to_user(&q->commands[j++], info, sizeof(*info)))
716 return -EFAULT;
717
718 if (j == n_commands)
719 break;
720 }
721
722 return 0;
723}
724
725static int cxl_send_cmd(struct cxl_memdev *cxlmd,
726 struct cxl_send_command __user *s)
727{
728 struct cxl_mem *cxlm = cxlmd->cxlm;
729 struct device *dev = &cxlmd->dev;
730 struct cxl_send_command send;
731 struct cxl_mem_command c;
732 int rc;
733
734 dev_dbg(dev, "Send IOCTL\n");
735
736 if (copy_from_user(&send, s, sizeof(send)))
737 return -EFAULT;
738
739 rc = cxl_validate_cmd_from_user(cxlmd->cxlm, &send, &c);
740 if (rc)
741 return rc;
742
743 /* Prepare to handle a full payload for variable sized output */
744 if (c.info.size_out < 0)
745 c.info.size_out = cxlm->payload_size;
746
747 rc = handle_mailbox_cmd_from_user(cxlm, &c, send.in.payload,
748 send.out.payload, &send.out.size,
749 &send.retval);
750 if (rc)
751 return rc;
752
58294927
DC		 753 if (copy_to_user(s, &send, sizeof(send)))
754 return -EFAULT;
755
756 return 0;
583fa5e7
BW		 757}
758
759static long __cxl_memdev_ioctl(struct cxl_memdev *cxlmd, unsigned int cmd,
760 unsigned long arg)
761{
762 switch (cmd) {
763 case CXL_MEM_QUERY_COMMANDS:
764 return cxl_query_cmd(cxlmd, (void __user *)arg);
765 case CXL_MEM_SEND_COMMAND:
766 return cxl_send_cmd(cxlmd, (void __user *)arg);
767 default:
768 return -ENOTTY;
769 }
770}
771
b39cb105
DW		 772static long cxl_memdev_ioctl(struct file *file, unsigned int cmd,
773 unsigned long arg)
774{
58775159
DW		 775 struct cxl_memdev *cxlmd = file->private_data;
776 int rc = -ENXIO;
b39cb105 777
58775159
DW		 778 down_read(&cxl_memdev_rwsem);
779 if (cxlmd->cxlm)
780 rc = __cxl_memdev_ioctl(cxlmd, cmd, arg);
781 up_read(&cxl_memdev_rwsem);
b39cb105 782
58775159
DW		 783 return rc;
784}
b39cb105 785
58775159
DW		 786static int cxl_memdev_open(struct inode *inode, struct file *file)
787{
788 struct cxl_memdev *cxlmd =
789 container_of(inode->i_cdev, typeof(*cxlmd), cdev);
b39cb105 790
58775159
DW		 791 get_device(&cxlmd->dev);
792 file->private_data = cxlmd;
b39cb105 793
58775159
DW		 794 return 0;
795}
796
797static int cxl_memdev_release_file(struct inode *inode, struct file *file)
798{
799 struct cxl_memdev *cxlmd =
800 container_of(inode->i_cdev, typeof(*cxlmd), cdev);
801
802 put_device(&cxlmd->dev);
803
804 return 0;
b39cb105
DW		 805}
806
9cc238c7
DW		 807static void cxl_memdev_shutdown(struct device *dev)
808{
809 struct cxl_memdev *cxlmd = to_cxl_memdev(dev);
810
811 down_write(&cxl_memdev_rwsem);
812 cxlmd->cxlm = NULL;
813 up_write(&cxl_memdev_rwsem);
814}
815
816static const struct cdevm_file_operations cxl_memdev_fops = {
817 .fops = {
818 .owner = THIS_MODULE,
819 .unlocked_ioctl = cxl_memdev_ioctl,
820 .open = cxl_memdev_open,
821 .release = cxl_memdev_release_file,
822 .compat_ioctl = compat_ptr_ioctl,
823 .llseek = noop_llseek,
824 },
825 .shutdown = cxl_memdev_shutdown,
b39cb105
DW		 826};
827
472b1ce6
BW		 828static inline struct cxl_mem_command *cxl_mem_find_command(u16 opcode)
829{
830 struct cxl_mem_command *c;
831
832 cxl_for_each_cmd(c)
833 if (c->opcode == opcode)
834 return c;
835
836 return NULL;
837}
838
8adaf747
BW		 839/**
840 * cxl_mem_mbox_send_cmd() - Send a mailbox command to a memory device.
841 * @cxlm: The CXL memory device to communicate with.
842 * @opcode: Opcode for the mailbox command.
843 * @in: The input payload for the mailbox command.
844 * @in_size: The length of the input payload
845 * @out: Caller allocated buffer for the output.
846 * @out_size: Expected size of output.
847 *
848 * Context: Any context. Will acquire and release mbox_mutex.
849 * Return:
850 * * %>=0 - Number of bytes returned in @out.
851 * * %-E2BIG - Payload is too large for hardware.
852 * * %-EBUSY - Couldn't acquire exclusive mailbox access.
853 * * %-EFAULT - Hardware error occurred.
854 * * %-ENXIO - Command completed, but device reported an error.
855 * * %-EIO - Unexpected output size.
856 *
857 * Mailbox commands may execute successfully yet the device itself reported an
858 * error. While this distinction can be useful for commands from userspace, the
472b1ce6 859 * kernel will only be able to use results when both are successful.
8adaf747
BW		 860 *
861 * See __cxl_mem_mbox_send_cmd()
862 */
863static int cxl_mem_mbox_send_cmd(struct cxl_mem *cxlm, u16 opcode,
864 void *in, size_t in_size,
865 void *out, size_t out_size)
866{
472b1ce6 867 const struct cxl_mem_command *cmd = cxl_mem_find_command(opcode);
8adaf747
BW		 868 struct mbox_cmd mbox_cmd = {
869 .opcode = opcode,
870 .payload_in = in,
871 .size_in = in_size,
872 .size_out = out_size,
873 .payload_out = out,
874 };
875 int rc;
876
877 if (out_size > cxlm->payload_size)
878 return -E2BIG;
879
880 rc = cxl_mem_mbox_get(cxlm);
881 if (rc)
882 return rc;
883
884 rc = __cxl_mem_mbox_send_cmd(cxlm, &mbox_cmd);
885 cxl_mem_mbox_put(cxlm);
886 if (rc)
887 return rc;
888
889 /* TODO: Map return code to proper kernel style errno */
890 if (mbox_cmd.return_code != CXL_MBOX_SUCCESS)
891 return -ENXIO;
892
472b1ce6
BW		 893 /*
894 * Variable sized commands can't be validated and so it's up to the
895 * caller to do that if they wish.
896 */
897 if (cmd->info.size_out >= 0 && mbox_cmd.size_out != out_size)
8adaf747
BW		 898 return -EIO;
899
900 return 0;
901}
902
8adaf747
BW		 903static int cxl_mem_setup_mailbox(struct cxl_mem *cxlm)
904{
8ac75dd6 905 const int cap = readl(cxlm->regs.mbox + CXLDEV_MBOX_CAPS_OFFSET);
8adaf747
BW		 906
907 cxlm->payload_size =
908 1 << FIELD_GET(CXLDEV_MBOX_CAP_PAYLOAD_SIZE_MASK, cap);
909
910 /*
911 * CXL 2.0 8.2.8.4.3 Mailbox Capabilities Register
912 *
913 * If the size is too small, mandatory commands will not work and so
914 * there's no point in going forward. If the size is too large, there's
915 * no harm is soft limiting it.
916 */
917 cxlm->payload_size = min_t(size_t, cxlm->payload_size, SZ_1M);
918 if (cxlm->payload_size < 256) {
919 dev_err(&cxlm->pdev->dev, "Mailbox is too small (%zub)",
920 cxlm->payload_size);
921 return -ENXIO;
922 }
923
924 dev_dbg(&cxlm->pdev->dev, "Mailbox payload sized %zu",
925 cxlm->payload_size);
926
927 return 0;
928}
929
1b0a1a2a 930static struct cxl_mem *cxl_mem_create(struct pci_dev *pdev)
8adaf747
BW		 931{
932 struct device *dev = &pdev->dev;
933 struct cxl_mem *cxlm;
8adaf747 934
5d0c6f02 935 cxlm = devm_kzalloc(dev, sizeof(*cxlm), GFP_KERNEL);
8adaf747
BW		 936 if (!cxlm) {
937 dev_err(dev, "No memory available\n");
1b0a1a2a
BW		 938 return ERR_PTR(-ENOMEM);
939 }
940
941 mutex_init(&cxlm->mbox_mutex);
942 cxlm->pdev = pdev;
943 cxlm->enabled_cmds =
944 devm_kmalloc_array(dev, BITS_TO_LONGS(cxl_cmd_count),
945 sizeof(unsigned long),
946 GFP_KERNEL | __GFP_ZERO);
947 if (!cxlm->enabled_cmds) {
948 dev_err(dev, "No memory available for bitmap\n");
949 return ERR_PTR(-ENOMEM);
8adaf747
BW		 950 }
951
1b0a1a2a
BW		 952 return cxlm;
953}
954
07d62eac
IW		 955static void __iomem *cxl_mem_map_regblock(struct cxl_mem *cxlm,
956 u8 bar, u64 offset)
1b0a1a2a
BW		 957{
958 struct pci_dev *pdev = cxlm->pdev;
959 struct device *dev = &pdev->dev;
f8a7e8c2 960 void __iomem *addr;
1b0a1a2a 961
8adaf747
BW		 962 /* Basic sanity check that BAR is big enough */
963 if (pci_resource_len(pdev, bar) < offset) {
964 dev_err(dev, "BAR%d: %pr: too small (offset: %#llx)\n", bar,
965 &pdev->resource[bar], (unsigned long long)offset);
6630d31c 966 return IOMEM_ERR_PTR(-ENXIO);
8adaf747
BW		 967 }
968
30af9729 969 addr = pci_iomap(pdev, bar, 0);
f8a7e8c2 970 if (!addr) {
8adaf747 971 dev_err(dev, "failed to map registers\n");
f8a7e8c2 972 return addr;
8adaf747 973 }
8adaf747 974
f8a7e8c2
IW		 975 dev_dbg(dev, "Mapped CXL Memory Device resource bar %u @ %#llx\n",
976 bar, offset);
6630d31c 977
30af9729
IW		 978 return addr;
979}
980
981static void cxl_mem_unmap_regblock(struct cxl_mem *cxlm, void __iomem *base)
982{
983 pci_iounmap(cxlm->pdev, base);
8adaf747 984}
4cdadfd5
DW		 985
986static int cxl_mem_dvsec(struct pci_dev *pdev, int dvsec)
987{
988 int pos;
989
990 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_DVSEC);
991 if (!pos)
992 return 0;
993
994 while (pos) {
995 u16 vendor, id;
996
997 pci_read_config_word(pdev, pos + PCI_DVSEC_HEADER1, &vendor);
998 pci_read_config_word(pdev, pos + PCI_DVSEC_HEADER2, &id);
999 if (vendor == PCI_DVSEC_VENDOR_ID_CXL && dvsec == id)
1000 return pos;
1001
1002 pos = pci_find_next_ext_capability(pdev, pos,
1003 PCI_EXT_CAP_ID_DVSEC);
1004 }
1005
1006 return 0;
1007}
1008
30af9729
IW		 1009static int cxl_probe_regs(struct cxl_mem *cxlm, void __iomem *base,
1010 struct cxl_register_map *map)
1011{
1012 struct pci_dev *pdev = cxlm->pdev;
1013 struct device *dev = &pdev->dev;
08422378 1014 struct cxl_component_reg_map *comp_map;
30af9729
IW		 1015 struct cxl_device_reg_map *dev_map;
1016
1017 switch (map->reg_type) {
08422378
BW		 1018 case CXL_REGLOC_RBI_COMPONENT:
1019 comp_map = &map->component_map;
1020 cxl_probe_component_regs(dev, base, comp_map);
1021 if (!comp_map->hdm_decoder.valid) {
1022 dev_err(dev, "HDM decoder registers not found\n");
1023 return -ENXIO;
1024 }
1025
1026 dev_dbg(dev, "Set up component registers\n");
1027 break;
30af9729
IW		 1028 case CXL_REGLOC_RBI_MEMDEV:
1029 dev_map = &map->device_map;
1030 cxl_probe_device_regs(dev, base, dev_map);
1031 if (!dev_map->status.valid || !dev_map->mbox.valid ||
1032 !dev_map->memdev.valid) {
1033 dev_err(dev, "registers not found: %s%s%s\n",
1034 !dev_map->status.valid ? "status " : "",
1035 !dev_map->mbox.valid ? "status " : "",
1036 !dev_map->memdev.valid ? "status " : "");
1037 return -ENXIO;
1038 }
1039
1040 dev_dbg(dev, "Probing device registers...\n");
1041 break;
1042 default:
1043 break;
1044 }
1045
1046 return 0;
1047}
1048
1049static int cxl_map_regs(struct cxl_mem *cxlm, struct cxl_register_map *map)
1050{
1051 struct pci_dev *pdev = cxlm->pdev;
1052 struct device *dev = &pdev->dev;
1053
1054 switch (map->reg_type) {
08422378
BW		 1055 case CXL_REGLOC_RBI_COMPONENT:
1056 cxl_map_component_regs(pdev, &cxlm->regs.component, map);
1057 dev_dbg(dev, "Mapping component registers...\n");
1058 break;
30af9729
IW		 1059 case CXL_REGLOC_RBI_MEMDEV:
1060 cxl_map_device_regs(pdev, &cxlm->regs.device_regs, map);
1061 dev_dbg(dev, "Probing device registers...\n");
1062 break;
1063 default:
1064 break;
1065 }
1066
1067 return 0;
1068}
1069
07d62eac
IW		 1070static void cxl_decode_register_block(u32 reg_lo, u32 reg_hi,
1071 u8 *bar, u64 *offset, u8 *reg_type)
1072{
1073 *offset = ((u64)reg_hi << 32) | (reg_lo & CXL_REGLOC_ADDR_MASK);
1074 *bar = FIELD_GET(CXL_REGLOC_BIR_MASK, reg_lo);
1075 *reg_type = FIELD_GET(CXL_REGLOC_RBI_MASK, reg_lo);
1076}
1077
1d5a4159
BW		 1078/**
1079 * cxl_mem_setup_regs() - Setup necessary MMIO.
1080 * @cxlm: The CXL memory device to communicate with.
1081 *
1082 * Return: 0 if all necessary registers mapped.
1083 *
1084 * A memory device is required by spec to implement a certain set of MMIO
1085 * regions. The purpose of this function is to enumerate and map those
1086 * registers.
1087 */
1088static int cxl_mem_setup_regs(struct cxl_mem *cxlm)
1089{
1d5a4159
BW		 1090 struct pci_dev *pdev = cxlm->pdev;
1091 struct device *dev = &pdev->dev;
1092 u32 regloc_size, regblocks;
6630d31c
BW		 1093 void __iomem *base;
1094 int regloc, i;
30af9729
IW		 1095 struct cxl_register_map *map, *n;
1096 LIST_HEAD(register_maps);
1097 int ret = 0;
1d5a4159 1098
4ad6181e 1099 regloc = cxl_mem_dvsec(pdev, PCI_DVSEC_ID_CXL_REGLOC_DVSEC_ID);
1d5a4159
BW		 1100 if (!regloc) {
1101 dev_err(dev, "register location dvsec not found\n");
1102 return -ENXIO;
1103 }
1104
f8a7e8c2
IW		 1105 if (pci_request_mem_regions(pdev, pci_name(pdev)))
1106 return -ENODEV;
1107
1d5a4159
BW		 1108 /* Get the size of the Register Locator DVSEC */
1109 pci_read_config_dword(pdev, regloc + PCI_DVSEC_HEADER1, &regloc_size);
1110 regloc_size = FIELD_GET(PCI_DVSEC_HEADER1_LENGTH_MASK, regloc_size);
1111
1112 regloc += PCI_DVSEC_ID_CXL_REGLOC_BLOCK1_OFFSET;
1113 regblocks = (regloc_size - PCI_DVSEC_ID_CXL_REGLOC_BLOCK1_OFFSET) / 8;
1114
1115 for (i = 0; i < regblocks; i++, regloc += 8) {
1116 u32 reg_lo, reg_hi;
1117 u8 reg_type;
07d62eac
IW		 1118 u64 offset;
1119 u8 bar;
1d5a4159 1120
1d5a4159
BW		 1121 pci_read_config_dword(pdev, regloc, &reg_lo);
1122 pci_read_config_dword(pdev, regloc + 4, &reg_hi);
1123
07d62eac
IW		 1124 cxl_decode_register_block(reg_lo, reg_hi, &bar, &offset,
1125 &reg_type);
1126
1127 dev_dbg(dev, "Found register block in bar %u @ 0x%llx of type %u\n",
1128 bar, offset, reg_type);
1d5a4159 1129
1e39db57
BW		 1130 /* Ignore unknown register block types */
1131 if (reg_type > CXL_REGLOC_RBI_MEMDEV)
1132 continue;
1133
1134 map = kzalloc(sizeof(*map), GFP_KERNEL);
1135 if (!map) {
1136 ret = -ENOMEM;
1137 goto free_maps;
1138 }
1139
1140 list_add(&map->list, &register_maps);
1141
30af9729
IW		 1142 base = cxl_mem_map_regblock(cxlm, bar, offset);
1143 if (!base) {
1144 ret = -ENOMEM;
1145 goto free_maps;
1d5a4159 1146 }
1d5a4159 1147
30af9729
IW		 1148 map->barno = bar;
1149 map->block_offset = offset;
1150 map->reg_type = reg_type;
1151
1152 ret = cxl_probe_regs(cxlm, base + offset, map);
1153
1154 /* Always unmap the regblock regardless of probe success */
1155 cxl_mem_unmap_regblock(cxlm, base);
1156
1157 if (ret)
1158 goto free_maps;
1d5a4159
BW		 1159 }
1160
9a016527
IW		 1161 pci_release_mem_regions(pdev);
1162
30af9729
IW		 1163 list_for_each_entry(map, &register_maps, list) {
1164 ret = cxl_map_regs(cxlm, map);
1165 if (ret)
1166 goto free_maps;
1167 }
1d5a4159 1168
30af9729
IW		 1169free_maps:
1170 list_for_each_entry_safe(map, n, &register_maps, list) {
1171 list_del(&map->list);
1172 kfree(map);
1d5a4159
BW		 1173 }
1174
30af9729 1175 return ret;
1d5a4159
BW		 1176}
1177
472b1ce6
BW		 1178static int cxl_xfer_log(struct cxl_mem *cxlm, uuid_t *uuid, u32 size, u8 *out)
1179{
1180 u32 remaining = size;
1181 u32 offset = 0;
1182
1183 while (remaining) {
1184 u32 xfer_size = min_t(u32, remaining, cxlm->payload_size);
1185 struct cxl_mbox_get_log {
1186 uuid_t uuid;
1187 __le32 offset;
1188 __le32 length;
1189 } __packed log = {
1190 .uuid = *uuid,
1191 .offset = cpu_to_le32(offset),
1192 .length = cpu_to_le32(xfer_size)
1193 };
1194 int rc;
1195
1196 rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_GET_LOG, &log,
1197 sizeof(log), out, xfer_size);
1198 if (rc < 0)
1199 return rc;
1200
1201 out += xfer_size;
1202 remaining -= xfer_size;
1203 offset += xfer_size;
1204 }
1205
1206 return 0;
1207}
1208
1209/**
1210 * cxl_walk_cel() - Walk through the Command Effects Log.
1211 * @cxlm: Device.
1212 * @size: Length of the Command Effects Log.
1213 * @cel: CEL
1214 *
1215 * Iterate over each entry in the CEL and determine if the driver supports the
1216 * command. If so, the command is enabled for the device and can be used later.
1217 */
1218static void cxl_walk_cel(struct cxl_mem *cxlm, size_t size, u8 *cel)
1219{
1220 struct cel_entry {
1221 __le16 opcode;
1222 __le16 effect;
1223 } __packed * cel_entry;
1224 const int cel_entries = size / sizeof(*cel_entry);
1225 int i;
1226
1227 cel_entry = (struct cel_entry *)cel;
1228
1229 for (i = 0; i < cel_entries; i++) {
1230 u16 opcode = le16_to_cpu(cel_entry[i].opcode);
1231 struct cxl_mem_command *cmd = cxl_mem_find_command(opcode);
1232
1233 if (!cmd) {
1234 dev_dbg(&cxlm->pdev->dev,
1235 "Opcode 0x%04x unsupported by driver", opcode);
1236 continue;
1237 }
1238
1239 set_bit(cmd->info.id, cxlm->enabled_cmds);
1240 }
1241}
1242
1243struct cxl_mbox_get_supported_logs {
1244 __le16 entries;
1245 u8 rsvd[6];
1246 struct gsl_entry {
1247 uuid_t uuid;
1248 __le32 size;
1249 } __packed entry[];
1250} __packed;
1251
1252static struct cxl_mbox_get_supported_logs *cxl_get_gsl(struct cxl_mem *cxlm)
1253{
1254 struct cxl_mbox_get_supported_logs *ret;
1255 int rc;
1256
1257 ret = kvmalloc(cxlm->payload_size, GFP_KERNEL);
1258 if (!ret)
1259 return ERR_PTR(-ENOMEM);
1260
1261 rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_GET_SUPPORTED_LOGS, NULL,
1262 0, ret, cxlm->payload_size);
1263 if (rc < 0) {
1264 kvfree(ret);
1265 return ERR_PTR(rc);
1266 }
1267
1268 return ret;
1269}
1270
1271/**
1272 * cxl_mem_enumerate_cmds() - Enumerate commands for a device.
1273 * @cxlm: The device.
1274 *
1275 * Returns 0 if enumerate completed successfully.
1276 *
1277 * CXL devices have optional support for certain commands. This function will
1278 * determine the set of supported commands for the hardware and update the
1279 * enabled_cmds bitmap in the @cxlm.
1280 */
1281static int cxl_mem_enumerate_cmds(struct cxl_mem *cxlm)
1282{
1283 struct cxl_mbox_get_supported_logs *gsl;
1284 struct device *dev = &cxlm->pdev->dev;
1285 struct cxl_mem_command *cmd;
1286 int i, rc;
1287
1288 gsl = cxl_get_gsl(cxlm);
1289 if (IS_ERR(gsl))
1290 return PTR_ERR(gsl);
1291
1292 rc = -ENOENT;
1293 for (i = 0; i < le16_to_cpu(gsl->entries); i++) {
1294 u32 size = le32_to_cpu(gsl->entry[i].size);
1295 uuid_t uuid = gsl->entry[i].uuid;
1296 u8 *log;
1297
1298 dev_dbg(dev, "Found LOG type %pU of size %d", &uuid, size);
1299
1300 if (!uuid_equal(&uuid, &log_uuid[CEL_UUID]))
1301 continue;
1302
1303 log = kvmalloc(size, GFP_KERNEL);
1304 if (!log) {
1305 rc = -ENOMEM;
1306 goto out;
1307 }
1308
1309 rc = cxl_xfer_log(cxlm, &uuid, size, log);
1310 if (rc) {
1311 kvfree(log);
1312 goto out;
1313 }
1314
1315 cxl_walk_cel(cxlm, size, log);
1316 kvfree(log);
1317
1318 /* In case CEL was bogus, enable some default commands. */
1319 cxl_for_each_cmd(cmd)
1320 if (cmd->flags & CXL_CMD_FLAG_FORCE_ENABLE)
1321 set_bit(cmd->info.id, cxlm->enabled_cmds);
1322
1323 /* Found the required CEL */
1324 rc = 0;
1325 }
1326
1327out:
1328 kvfree(gsl);
1329 return rc;
1330}
1331
8adaf747
BW		 1332/**
1333 * cxl_mem_identify() - Send the IDENTIFY command to the device.
1334 * @cxlm: The device to identify.
1335 *
1336 * Return: 0 if identify was executed successfully.
1337 *
1338 * This will dispatch the identify command to the device and on success populate
1339 * structures to be exported to sysfs.
1340 */
1341static int cxl_mem_identify(struct cxl_mem *cxlm)
1342{
fae8817a 1343 /* See CXL 2.0 Table 175 Identify Memory Device Output Payload */
8adaf747
BW		 1344 struct cxl_mbox_identify {
1345 char fw_revision[0x10];
1346 __le64 total_capacity;
1347 __le64 volatile_capacity;
1348 __le64 persistent_capacity;
1349 __le64 partition_align;
1350 __le16 info_event_log_size;
1351 __le16 warning_event_log_size;
1352 __le16 failure_event_log_size;
1353 __le16 fatal_event_log_size;
1354 __le32 lsa_size;
1355 u8 poison_list_max_mer[3];
1356 __le16 inject_poison_limit;
1357 u8 poison_caps;
1358 u8 qos_telemetry_caps;
1359 } __packed id;
1360 int rc;
1361
1362 rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_IDENTIFY, NULL, 0, &id,
1363 sizeof(id));
1364 if (rc < 0)
1365 return rc;
1366
1367 /*
1368 * TODO: enumerate DPA map, as 'ram' and 'pmem' do not alias.
1369 * For now, only the capacity is exported in sysfs
1370 */
1371 cxlm->ram_range.start = 0;
fae8817a 1372 cxlm->ram_range.end = le64_to_cpu(id.volatile_capacity) * SZ_256M - 1;
8adaf747
BW		 1373
1374 cxlm->pmem_range.start = 0;
fae8817a
DW		 1375 cxlm->pmem_range.end =
1376 le64_to_cpu(id.persistent_capacity) * SZ_256M - 1;
8adaf747 1377
199cf8c3 1378 cxlm->lsa_size = le32_to_cpu(id.lsa_size);
8adaf747
BW		 1379 memcpy(cxlm->firmware_version, id.fw_revision, sizeof(id.fw_revision));
1380
1381 return 0;
1382}
1383
4cdadfd5
DW		 1384static int cxl_mem_probe(struct pci_dev *pdev, const struct pci_device_id *id)
1385{
21083f51 1386 struct cxl_memdev *cxlmd;
1b0a1a2a 1387 struct cxl_mem *cxlm;
1d5a4159 1388 int rc;
8adaf747
BW		 1389
1390 rc = pcim_enable_device(pdev);
1391 if (rc)
1392 return rc;
4cdadfd5 1393
1b0a1a2a
BW		 1394 cxlm = cxl_mem_create(pdev);
1395 if (IS_ERR(cxlm))
1396 return PTR_ERR(cxlm);
1397
8adaf747
BW		 1398 rc = cxl_mem_setup_regs(cxlm);
1399 if (rc)
1400 return rc;
1401
1402 rc = cxl_mem_setup_mailbox(cxlm);
1403 if (rc)
1404 return rc;
1405
472b1ce6
BW		 1406 rc = cxl_mem_enumerate_cmds(cxlm);
1407 if (rc)
1408 return rc;
1409
b39cb105
DW		 1410 rc = cxl_mem_identify(cxlm);
1411 if (rc)
1412 return rc;
1413
9cc238c7 1414 cxlmd = devm_cxl_add_memdev(&pdev->dev, cxlm, &cxl_memdev_fops);
21083f51
DW		 1415 if (IS_ERR(cxlmd))
1416 return PTR_ERR(cxlmd);
1417
1418 if (range_len(&cxlm->pmem_range) && IS_ENABLED(CONFIG_CXL_PMEM))
1419 rc = devm_cxl_add_nvdimm(&pdev->dev, cxlmd);
1420
1421 return rc;
4cdadfd5
DW		 1422}
1423
1424static const struct pci_device_id cxl_mem_pci_tbl[] = {
1425 /* PCI class code for CXL.mem Type-3 Devices */
1426 { PCI_DEVICE_CLASS((PCI_CLASS_MEMORY_CXL << 8 | CXL_MEMORY_PROGIF), ~0)},
1427 { /* terminate list */ },
1428};
1429MODULE_DEVICE_TABLE(pci, cxl_mem_pci_tbl);
1430
1431static struct pci_driver cxl_mem_driver = {
1432 .name = KBUILD_MODNAME,
1433 .id_table = cxl_mem_pci_tbl,
1434 .probe = cxl_mem_probe,
1435 .driver = {
1436 .probe_type = PROBE_PREFER_ASYNCHRONOUS,
1437 },
1438};
1439
b39cb105
DW		 1440static __init int cxl_mem_init(void)
1441{
13237183 1442 struct dentry *mbox_debugfs;
b39cb105
DW		 1443 int rc;
1444
8ac75dd6
DW		 1445 /* Double check the anonymous union trickery in struct cxl_regs */
1446 BUILD_BUG_ON(offsetof(struct cxl_regs, memdev) !=
1447 offsetof(struct cxl_regs, device_regs.memdev));
1448
b39cb105 1449 rc = pci_register_driver(&cxl_mem_driver);
3d135db5 1450 if (rc)
b39cb105 1451 return rc;
b39cb105 1452
13237183
BW		 1453 cxl_debugfs = debugfs_create_dir("cxl", NULL);
1454 mbox_debugfs = debugfs_create_dir("mbox", cxl_debugfs);
1455 debugfs_create_bool("raw_allow_all", 0600, mbox_debugfs,
1456 &cxl_raw_allow_all);
1457
b39cb105
DW		 1458 return 0;
1459}
1460
1461static __exit void cxl_mem_exit(void)
1462{
13237183 1463 debugfs_remove_recursive(cxl_debugfs);
b39cb105 1464 pci_unregister_driver(&cxl_mem_driver);
b39cb105
DW		 1465}
1466
4cdadfd5 1467MODULE_LICENSE("GPL v2");
b39cb105
DW		 1468module_init(cxl_mem_init);
1469module_exit(cxl_mem_exit);
1470MODULE_IMPORT_NS(CXL);
Empty description
This page took 0.299351 seconds and 4 git commands to generate.