Loading...
1
2/******************************************************************************
3 *
4 * Module Name: hwvalid - I/O request validation
5 *
6 *****************************************************************************/
7
8/*
9 * Copyright (C) 2000 - 2012, Intel Corp.
10 * All rights reserved.
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions, and the following disclaimer,
17 * without modification.
18 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
19 * substantially similar to the "NO WARRANTY" disclaimer below
20 * ("Disclaimer") and any redistribution must be conditioned upon
21 * including a substantially similar Disclaimer requirement for further
22 * binary redistribution.
23 * 3. Neither the names of the above-listed copyright holders nor the names
24 * of any contributors may be used to endorse or promote products derived
25 * from this software without specific prior written permission.
26 *
27 * Alternatively, this software may be distributed under the terms of the
28 * GNU General Public License ("GPL") version 2 as published by the Free
29 * Software Foundation.
30 *
31 * NO WARRANTY
32 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
33 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
34 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
35 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
36 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
37 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
38 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
40 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
41 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
42 * POSSIBILITY OF SUCH DAMAGES.
43 */
44
45#include <acpi/acpi.h>
46#include "accommon.h"
47
48#define _COMPONENT ACPI_HARDWARE
49ACPI_MODULE_NAME("hwvalid")
50
51/* Local prototypes */
52static acpi_status
53acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width);
54
55/*
56 * Protected I/O ports. Some ports are always illegal, and some are
57 * conditionally illegal. This table must remain ordered by port address.
58 *
59 * The table is used to implement the Microsoft port access rules that
60 * first appeared in Windows XP. Some ports are always illegal, and some
61 * ports are only illegal if the BIOS calls _OSI with a win_xP string or
62 * later (meaning that the BIOS itelf is post-XP.)
63 *
64 * This provides ACPICA with the desired port protections and
65 * Microsoft compatibility.
66 *
67 * Description of port entries:
68 * DMA: DMA controller
69 * PIC0: Programmable Interrupt Controller (8259_a)
70 * PIT1: System Timer 1
71 * PIT2: System Timer 2 failsafe
72 * RTC: Real-time clock
73 * CMOS: Extended CMOS
74 * DMA1: DMA 1 page registers
75 * DMA1L: DMA 1 Ch 0 low page
76 * DMA2: DMA 2 page registers
77 * DMA2L: DMA 2 low page refresh
78 * ARBC: Arbitration control
79 * SETUP: Reserved system board setup
80 * POS: POS channel select
81 * PIC1: Cascaded PIC
82 * IDMA: ISA DMA
83 * ELCR: PIC edge/level registers
84 * PCI: PCI configuration space
85 */
86static const struct acpi_port_info acpi_protected_ports[] = {
87 {"DMA", 0x0000, 0x000F, ACPI_OSI_WIN_XP},
88 {"PIC0", 0x0020, 0x0021, ACPI_ALWAYS_ILLEGAL},
89 {"PIT1", 0x0040, 0x0043, ACPI_OSI_WIN_XP},
90 {"PIT2", 0x0048, 0x004B, ACPI_OSI_WIN_XP},
91 {"RTC", 0x0070, 0x0071, ACPI_OSI_WIN_XP},
92 {"CMOS", 0x0074, 0x0076, ACPI_OSI_WIN_XP},
93 {"DMA1", 0x0081, 0x0083, ACPI_OSI_WIN_XP},
94 {"DMA1L", 0x0087, 0x0087, ACPI_OSI_WIN_XP},
95 {"DMA2", 0x0089, 0x008B, ACPI_OSI_WIN_XP},
96 {"DMA2L", 0x008F, 0x008F, ACPI_OSI_WIN_XP},
97 {"ARBC", 0x0090, 0x0091, ACPI_OSI_WIN_XP},
98 {"SETUP", 0x0093, 0x0094, ACPI_OSI_WIN_XP},
99 {"POS", 0x0096, 0x0097, ACPI_OSI_WIN_XP},
100 {"PIC1", 0x00A0, 0x00A1, ACPI_ALWAYS_ILLEGAL},
101 {"IDMA", 0x00C0, 0x00DF, ACPI_OSI_WIN_XP},
102 {"ELCR", 0x04D0, 0x04D1, ACPI_ALWAYS_ILLEGAL},
103 {"PCI", 0x0CF8, 0x0CFF, ACPI_OSI_WIN_XP}
104};
105
106#define ACPI_PORT_INFO_ENTRIES ACPI_ARRAY_LENGTH (acpi_protected_ports)
107
108/******************************************************************************
109 *
110 * FUNCTION: acpi_hw_validate_io_request
111 *
112 * PARAMETERS: Address Address of I/O port/register
113 * bit_width Number of bits (8,16,32)
114 *
115 * RETURN: Status
116 *
117 * DESCRIPTION: Validates an I/O request (address/length). Certain ports are
118 * always illegal and some ports are only illegal depending on
119 * the requests the BIOS AML code makes to the predefined
120 * _OSI method.
121 *
122 ******************************************************************************/
123
124static acpi_status
125acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width)
126{
127 u32 i;
128 u32 byte_width;
129 acpi_io_address last_address;
130 const struct acpi_port_info *port_info;
131
132 ACPI_FUNCTION_TRACE(hw_validate_io_request);
133
134 /* Supported widths are 8/16/32 */
135
136 if ((bit_width != 8) && (bit_width != 16) && (bit_width != 32)) {
137 ACPI_ERROR((AE_INFO,
138 "Bad BitWidth parameter: %8.8X", bit_width));
139 return AE_BAD_PARAMETER;
140 }
141
142 port_info = acpi_protected_ports;
143 byte_width = ACPI_DIV_8(bit_width);
144 last_address = address + byte_width - 1;
145
146 ACPI_DEBUG_PRINT((ACPI_DB_IO, "Address %p LastAddress %p Length %X",
147 ACPI_CAST_PTR(void, address), ACPI_CAST_PTR(void,
148 last_address),
149 byte_width));
150
151 /* Maximum 16-bit address in I/O space */
152
153 if (last_address > ACPI_UINT16_MAX) {
154 ACPI_ERROR((AE_INFO,
155 "Illegal I/O port address/length above 64K: %p/0x%X",
156 ACPI_CAST_PTR(void, address), byte_width));
157 return_ACPI_STATUS(AE_LIMIT);
158 }
159
160 /* Exit if requested address is not within the protected port table */
161
162 if (address > acpi_protected_ports[ACPI_PORT_INFO_ENTRIES - 1].end) {
163 return_ACPI_STATUS(AE_OK);
164 }
165
166 /* Check request against the list of protected I/O ports */
167
168 for (i = 0; i < ACPI_PORT_INFO_ENTRIES; i++, port_info++) {
169 /*
170 * Check if the requested address range will write to a reserved
171 * port. Four cases to consider:
172 *
173 * 1) Address range is contained completely in the port address range
174 * 2) Address range overlaps port range at the port range start
175 * 3) Address range overlaps port range at the port range end
176 * 4) Address range completely encompasses the port range
177 */
178 if ((address <= port_info->end)
179 && (last_address >= port_info->start)) {
180
181 /* Port illegality may depend on the _OSI calls made by the BIOS */
182
183 if (acpi_gbl_osi_data >= port_info->osi_dependency) {
184 ACPI_DEBUG_PRINT((ACPI_DB_IO,
185 "Denied AML access to port 0x%p/%X (%s 0x%.4X-0x%.4X)",
186 ACPI_CAST_PTR(void, address),
187 byte_width, port_info->name,
188 port_info->start,
189 port_info->end));
190
191 return_ACPI_STATUS(AE_AML_ILLEGAL_ADDRESS);
192 }
193 }
194
195 /* Finished if address range ends before the end of this port */
196
197 if (last_address <= port_info->end) {
198 break;
199 }
200 }
201
202 return_ACPI_STATUS(AE_OK);
203}
204
205/******************************************************************************
206 *
207 * FUNCTION: acpi_hw_read_port
208 *
209 * PARAMETERS: Address Address of I/O port/register to read
210 * Value Where value is placed
211 * Width Number of bits
212 *
213 * RETURN: Status and value read from port
214 *
215 * DESCRIPTION: Read data from an I/O port or register. This is a front-end
216 * to acpi_os_read_port that performs validation on both the port
217 * address and the length.
218 *
219 *****************************************************************************/
220
221acpi_status acpi_hw_read_port(acpi_io_address address, u32 *value, u32 width)
222{
223 acpi_status status;
224 u32 one_byte;
225 u32 i;
226
227 /* Truncate address to 16 bits if requested */
228
229 if (acpi_gbl_truncate_io_addresses) {
230 address &= ACPI_UINT16_MAX;
231 }
232
233 /* Validate the entire request and perform the I/O */
234
235 status = acpi_hw_validate_io_request(address, width);
236 if (ACPI_SUCCESS(status)) {
237 status = acpi_os_read_port(address, value, width);
238 return status;
239 }
240
241 if (status != AE_AML_ILLEGAL_ADDRESS) {
242 return status;
243 }
244
245 /*
246 * There has been a protection violation within the request. Fall
247 * back to byte granularity port I/O and ignore the failing bytes.
248 * This provides Windows compatibility.
249 */
250 for (i = 0, *value = 0; i < width; i += 8) {
251
252 /* Validate and read one byte */
253
254 if (acpi_hw_validate_io_request(address, 8) == AE_OK) {
255 status = acpi_os_read_port(address, &one_byte, 8);
256 if (ACPI_FAILURE(status)) {
257 return status;
258 }
259
260 *value |= (one_byte << i);
261 }
262
263 address++;
264 }
265
266 return AE_OK;
267}
268
269/******************************************************************************
270 *
271 * FUNCTION: acpi_hw_write_port
272 *
273 * PARAMETERS: Address Address of I/O port/register to write
274 * Value Value to write
275 * Width Number of bits
276 *
277 * RETURN: Status
278 *
279 * DESCRIPTION: Write data to an I/O port or register. This is a front-end
280 * to acpi_os_write_port that performs validation on both the port
281 * address and the length.
282 *
283 *****************************************************************************/
284
285acpi_status acpi_hw_write_port(acpi_io_address address, u32 value, u32 width)
286{
287 acpi_status status;
288 u32 i;
289
290 /* Truncate address to 16 bits if requested */
291
292 if (acpi_gbl_truncate_io_addresses) {
293 address &= ACPI_UINT16_MAX;
294 }
295
296 /* Validate the entire request and perform the I/O */
297
298 status = acpi_hw_validate_io_request(address, width);
299 if (ACPI_SUCCESS(status)) {
300 status = acpi_os_write_port(address, value, width);
301 return status;
302 }
303
304 if (status != AE_AML_ILLEGAL_ADDRESS) {
305 return status;
306 }
307
308 /*
309 * There has been a protection violation within the request. Fall
310 * back to byte granularity port I/O and ignore the failing bytes.
311 * This provides Windows compatibility.
312 */
313 for (i = 0; i < width; i += 8) {
314
315 /* Validate and write one byte */
316
317 if (acpi_hw_validate_io_request(address, 8) == AE_OK) {
318 status =
319 acpi_os_write_port(address, (value >> i) & 0xFF, 8);
320 if (ACPI_FAILURE(status)) {
321 return status;
322 }
323 }
324
325 address++;
326 }
327
328 return AE_OK;
329}
1// SPDX-License-Identifier: BSD-3-Clause OR GPL-2.0
2/******************************************************************************
3 *
4 * Module Name: hwvalid - I/O request validation
5 *
6 * Copyright (C) 2000 - 2023, Intel Corp.
7 *
8 *****************************************************************************/
9
10#include <acpi/acpi.h>
11#include "accommon.h"
12
13#define _COMPONENT ACPI_HARDWARE
14ACPI_MODULE_NAME("hwvalid")
15
16/* Local prototypes */
17static acpi_status
18acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width);
19
20/*
21 * Protected I/O ports. Some ports are always illegal, and some are
22 * conditionally illegal. This table must remain ordered by port address.
23 *
24 * The table is used to implement the Microsoft port access rules that
25 * first appeared in Windows XP. Some ports are always illegal, and some
26 * ports are only illegal if the BIOS calls _OSI with nothing newer than
27 * the specific _OSI strings.
28 *
29 * This provides ACPICA with the desired port protections and
30 * Microsoft compatibility.
31 *
32 * Description of port entries:
33 * DMA: DMA controller
34 * PIC0: Programmable Interrupt Controller (8259A)
35 * PIT1: System Timer 1
36 * PIT2: System Timer 2 failsafe
37 * RTC: Real-time clock
38 * CMOS: Extended CMOS
39 * DMA1: DMA 1 page registers
40 * DMA1L: DMA 1 Ch 0 low page
41 * DMA2: DMA 2 page registers
42 * DMA2L: DMA 2 low page refresh
43 * ARBC: Arbitration control
44 * SETUP: Reserved system board setup
45 * POS: POS channel select
46 * PIC1: Cascaded PIC
47 * IDMA: ISA DMA
48 * ELCR: PIC edge/level registers
49 * PCI: PCI configuration space
50 */
51static const struct acpi_port_info acpi_protected_ports[] = {
52 {"DMA", 0x0000, 0x000F, ACPI_OSI_WIN_XP},
53 {"PIC0", 0x0020, 0x0021, ACPI_ALWAYS_ILLEGAL},
54 {"PIT1", 0x0040, 0x0043, ACPI_OSI_WIN_XP},
55 {"PIT2", 0x0048, 0x004B, ACPI_OSI_WIN_XP},
56 {"RTC", 0x0070, 0x0071, ACPI_OSI_WIN_XP},
57 {"CMOS", 0x0074, 0x0076, ACPI_OSI_WIN_XP},
58 {"DMA1", 0x0081, 0x0083, ACPI_OSI_WIN_XP},
59 {"DMA1L", 0x0087, 0x0087, ACPI_OSI_WIN_XP},
60 {"DMA2", 0x0089, 0x008B, ACPI_OSI_WIN_XP},
61 {"DMA2L", 0x008F, 0x008F, ACPI_OSI_WIN_XP},
62 {"ARBC", 0x0090, 0x0091, ACPI_OSI_WIN_XP},
63 {"SETUP", 0x0093, 0x0094, ACPI_OSI_WIN_XP},
64 {"POS", 0x0096, 0x0097, ACPI_OSI_WIN_XP},
65 {"PIC1", 0x00A0, 0x00A1, ACPI_ALWAYS_ILLEGAL},
66 {"IDMA", 0x00C0, 0x00DF, ACPI_OSI_WIN_XP},
67 {"ELCR", 0x04D0, 0x04D1, ACPI_ALWAYS_ILLEGAL},
68 {"PCI", 0x0CF8, 0x0CFF, ACPI_OSI_WIN_XP}
69};
70
71#define ACPI_PORT_INFO_ENTRIES ACPI_ARRAY_LENGTH (acpi_protected_ports)
72
73/******************************************************************************
74 *
75 * FUNCTION: acpi_hw_validate_io_request
76 *
77 * PARAMETERS: Address Address of I/O port/register
78 * bit_width Number of bits (8,16,32)
79 *
80 * RETURN: Status
81 *
82 * DESCRIPTION: Validates an I/O request (address/length). Certain ports are
83 * always illegal and some ports are only illegal depending on
84 * the requests the BIOS AML code makes to the predefined
85 * _OSI method.
86 *
87 ******************************************************************************/
88
89static acpi_status
90acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width)
91{
92 u32 i;
93 u32 byte_width;
94 acpi_io_address last_address;
95 const struct acpi_port_info *port_info;
96
97 ACPI_FUNCTION_TRACE(hw_validate_io_request);
98
99 /* Supported widths are 8/16/32 */
100
101 if ((bit_width != 8) && (bit_width != 16) && (bit_width != 32)) {
102 ACPI_ERROR((AE_INFO,
103 "Bad BitWidth parameter: %8.8X", bit_width));
104 return_ACPI_STATUS(AE_BAD_PARAMETER);
105 }
106
107 port_info = acpi_protected_ports;
108 byte_width = ACPI_DIV_8(bit_width);
109 last_address = address + byte_width - 1;
110
111 ACPI_DEBUG_PRINT((ACPI_DB_IO,
112 "Address %8.8X%8.8X LastAddress %8.8X%8.8X Length %X",
113 ACPI_FORMAT_UINT64(address),
114 ACPI_FORMAT_UINT64(last_address), byte_width));
115
116 /* Maximum 16-bit address in I/O space */
117
118 if (last_address > ACPI_UINT16_MAX) {
119 ACPI_ERROR((AE_INFO,
120 "Illegal I/O port address/length above 64K: %8.8X%8.8X/0x%X",
121 ACPI_FORMAT_UINT64(address), byte_width));
122 return_ACPI_STATUS(AE_LIMIT);
123 }
124
125 /* Exit if requested address is not within the protected port table */
126
127 if (address > acpi_protected_ports[ACPI_PORT_INFO_ENTRIES - 1].end) {
128 return_ACPI_STATUS(AE_OK);
129 }
130
131 /* Check request against the list of protected I/O ports */
132
133 for (i = 0; i < ACPI_PORT_INFO_ENTRIES; i++, port_info++) {
134 /*
135 * Check if the requested address range will write to a reserved
136 * port. There are four cases to consider:
137 *
138 * 1) Address range is contained completely in the port address range
139 * 2) Address range overlaps port range at the port range start
140 * 3) Address range overlaps port range at the port range end
141 * 4) Address range completely encompasses the port range
142 */
143 if ((address <= port_info->end)
144 && (last_address >= port_info->start)) {
145
146 /* Port illegality may depend on the _OSI calls made by the BIOS */
147
148 if (port_info->osi_dependency == ACPI_ALWAYS_ILLEGAL ||
149 acpi_gbl_osi_data == port_info->osi_dependency) {
150 ACPI_DEBUG_PRINT((ACPI_DB_VALUES,
151 "Denied AML access to port 0x%8.8X%8.8X/%X (%s 0x%.4X-0x%.4X)\n",
152 ACPI_FORMAT_UINT64(address),
153 byte_width, port_info->name,
154 port_info->start,
155 port_info->end));
156
157 return_ACPI_STATUS(AE_AML_ILLEGAL_ADDRESS);
158 }
159 }
160
161 /* Finished if address range ends before the end of this port */
162
163 if (last_address <= port_info->end) {
164 break;
165 }
166 }
167
168 return_ACPI_STATUS(AE_OK);
169}
170
171/******************************************************************************
172 *
173 * FUNCTION: acpi_hw_read_port
174 *
175 * PARAMETERS: Address Address of I/O port/register to read
176 * Value Where value (data) is returned
177 * Width Number of bits
178 *
179 * RETURN: Status and value read from port
180 *
181 * DESCRIPTION: Read data from an I/O port or register. This is a front-end
182 * to acpi_os_read_port that performs validation on both the port
183 * address and the length.
184 *
185 *****************************************************************************/
186
187acpi_status acpi_hw_read_port(acpi_io_address address, u32 *value, u32 width)
188{
189 acpi_status status;
190 u32 one_byte;
191 u32 i;
192
193 /* Truncate address to 16 bits if requested */
194
195 if (acpi_gbl_truncate_io_addresses) {
196 address &= ACPI_UINT16_MAX;
197 }
198
199 /* Validate the entire request and perform the I/O */
200
201 status = acpi_hw_validate_io_request(address, width);
202 if (ACPI_SUCCESS(status)) {
203 status = acpi_os_read_port(address, value, width);
204 return (status);
205 }
206
207 if (status != AE_AML_ILLEGAL_ADDRESS) {
208 return (status);
209 }
210
211 /*
212 * There has been a protection violation within the request. Fall
213 * back to byte granularity port I/O and ignore the failing bytes.
214 * This provides compatibility with other ACPI implementations.
215 */
216 for (i = 0, *value = 0; i < width; i += 8) {
217
218 /* Validate and read one byte */
219
220 if (acpi_hw_validate_io_request(address, 8) == AE_OK) {
221 status = acpi_os_read_port(address, &one_byte, 8);
222 if (ACPI_FAILURE(status)) {
223 return (status);
224 }
225
226 *value |= (one_byte << i);
227 }
228
229 address++;
230 }
231
232 return (AE_OK);
233}
234
235/******************************************************************************
236 *
237 * FUNCTION: acpi_hw_write_port
238 *
239 * PARAMETERS: Address Address of I/O port/register to write
240 * Value Value to write
241 * Width Number of bits
242 *
243 * RETURN: Status
244 *
245 * DESCRIPTION: Write data to an I/O port or register. This is a front-end
246 * to acpi_os_write_port that performs validation on both the port
247 * address and the length.
248 *
249 *****************************************************************************/
250
251acpi_status acpi_hw_write_port(acpi_io_address address, u32 value, u32 width)
252{
253 acpi_status status;
254 u32 i;
255
256 /* Truncate address to 16 bits if requested */
257
258 if (acpi_gbl_truncate_io_addresses) {
259 address &= ACPI_UINT16_MAX;
260 }
261
262 /* Validate the entire request and perform the I/O */
263
264 status = acpi_hw_validate_io_request(address, width);
265 if (ACPI_SUCCESS(status)) {
266 status = acpi_os_write_port(address, value, width);
267 return (status);
268 }
269
270 if (status != AE_AML_ILLEGAL_ADDRESS) {
271 return (status);
272 }
273
274 /*
275 * There has been a protection violation within the request. Fall
276 * back to byte granularity port I/O and ignore the failing bytes.
277 * This provides compatibility with other ACPI implementations.
278 */
279 for (i = 0; i < width; i += 8) {
280
281 /* Validate and write one byte */
282
283 if (acpi_hw_validate_io_request(address, 8) == AE_OK) {
284 status =
285 acpi_os_write_port(address, (value >> i) & 0xFF, 8);
286 if (ACPI_FAILURE(status)) {
287 return (status);
288 }
289 }
290
291 address++;
292 }
293
294 return (AE_OK);
295}
296
297/******************************************************************************
298 *
299 * FUNCTION: acpi_hw_validate_io_block
300 *
301 * PARAMETERS: Address Address of I/O port/register blobk
302 * bit_width Number of bits (8,16,32) in each register
303 * count Number of registers in the block
304 *
305 * RETURN: Status
306 *
307 * DESCRIPTION: Validates a block of I/O ports/registers.
308 *
309 ******************************************************************************/
310
311acpi_status acpi_hw_validate_io_block(u64 address, u32 bit_width, u32 count)
312{
313 acpi_status status;
314
315 while (count--) {
316 status = acpi_hw_validate_io_request((acpi_io_address)address,
317 bit_width);
318 if (ACPI_FAILURE(status))
319 return_ACPI_STATUS(status);
320
321 address += ACPI_DIV_8(bit_width);
322 }
323
324 return_ACPI_STATUS(AE_OK);
325}