1 2/****************************************************************************** 3 * 4 * Module Name: hwvalid - I/O request validation 5 * 6 *****************************************************************************/ 7 8/* 9 * Copyright (C) 2000 - 2010, Intel Corp. 10 * All rights reserved. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions, and the following disclaimer, 17 * without modification. 18 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 19 * substantially similar to the "NO WARRANTY" disclaimer below 20 * ("Disclaimer") and any redistribution must be conditioned upon 21 * including a substantially similar Disclaimer requirement for further 22 * binary redistribution. 23 * 3. Neither the names of the above-listed copyright holders nor the names 24 * of any contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * Alternatively, this software may be distributed under the terms of the 28 * GNU General Public License ("GPL") version 2 as published by the Free 29 * Software Foundation. 30 * 31 * NO WARRANTY 32 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 33 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 34 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR 35 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 36 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 37 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 38 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 39 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 40 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 41 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 42 * POSSIBILITY OF SUCH DAMAGES. 43 */ 44 45#include <acpi/acpi.h> 46#include "accommon.h" 47 48#define _COMPONENT ACPI_HARDWARE 49ACPI_MODULE_NAME("hwvalid") 50 51/* Local prototypes */ 52static acpi_status 53acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width); 54 55/* 56 * Protected I/O ports. Some ports are always illegal, and some are 57 * conditionally illegal. This table must remain ordered by port address. 58 * 59 * The table is used to implement the Microsoft port access rules that 60 * first appeared in Windows XP. Some ports are always illegal, and some 61 * ports are only illegal if the BIOS calls _OSI with a win_xP string or 62 * later (meaning that the BIOS itelf is post-XP.) 63 * 64 * This provides ACPICA with the desired port protections and 65 * Microsoft compatibility. 66 * 67 * Description of port entries: 68 * DMA: DMA controller 69 * PIC0: Programmable Interrupt Controller (8259_a) 70 * PIT1: System Timer 1 71 * PIT2: System Timer 2 failsafe 72 * RTC: Real-time clock 73 * CMOS: Extended CMOS 74 * DMA1: DMA 1 page registers 75 * DMA1L: DMA 1 Ch 0 low page 76 * DMA2: DMA 2 page registers 77 * DMA2L: DMA 2 low page refresh 78 * ARBC: Arbitration control 79 * SETUP: Reserved system board setup 80 * POS: POS channel select 81 * PIC1: Cascaded PIC 82 * IDMA: ISA DMA 83 * ELCR: PIC edge/level registers 84 * PCI: PCI configuration space 85 */ 86static const struct acpi_port_info acpi_protected_ports[] = { 87 {"DMA", 0x0000, 0x000F, ACPI_OSI_WIN_XP}, 88 {"PIC0", 0x0020, 0x0021, ACPI_ALWAYS_ILLEGAL}, 89 {"PIT1", 0x0040, 0x0043, ACPI_OSI_WIN_XP}, 90 {"PIT2", 0x0048, 0x004B, ACPI_OSI_WIN_XP}, 91 {"RTC", 0x0070, 0x0071, ACPI_OSI_WIN_XP}, 92 {"CMOS", 0x0074, 0x0076, ACPI_OSI_WIN_XP}, 93 {"DMA1", 0x0081, 0x0083, ACPI_OSI_WIN_XP}, 94 {"DMA1L", 0x0087, 0x0087, ACPI_OSI_WIN_XP}, 95 {"DMA2", 0x0089, 0x008B, ACPI_OSI_WIN_XP}, 96 {"DMA2L", 0x008F, 0x008F, ACPI_OSI_WIN_XP}, 97 {"ARBC", 0x0090, 0x0091, ACPI_OSI_WIN_XP}, 98 {"SETUP", 0x0093, 0x0094, ACPI_OSI_WIN_XP}, 99 {"POS", 0x0096, 0x0097, ACPI_OSI_WIN_XP}, 100 {"PIC1", 0x00A0, 0x00A1, ACPI_ALWAYS_ILLEGAL}, 101 {"IDMA", 0x00C0, 0x00DF, ACPI_OSI_WIN_XP}, 102 {"ELCR", 0x04D0, 0x04D1, ACPI_ALWAYS_ILLEGAL}, 103 {"PCI", 0x0CF8, 0x0CFF, ACPI_OSI_WIN_XP} 104}; 105 106#define ACPI_PORT_INFO_ENTRIES ACPI_ARRAY_LENGTH (acpi_protected_ports) 107 108/****************************************************************************** 109 * 110 * FUNCTION: acpi_hw_validate_io_request 111 * 112 * PARAMETERS: Address Address of I/O port/register 113 * bit_width Number of bits (8,16,32) 114 * 115 * RETURN: Status 116 * 117 * DESCRIPTION: Validates an I/O request (address/length). Certain ports are 118 * always illegal and some ports are only illegal depending on 119 * the requests the BIOS AML code makes to the predefined 120 * _OSI method. 121 * 122 ******************************************************************************/ 123 124static acpi_status 125acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width) 126{ 127 u32 i; 128 u32 byte_width; 129 acpi_io_address last_address; 130 const struct acpi_port_info *port_info; 131 132 ACPI_FUNCTION_TRACE(hw_validate_io_request); 133 134 /* Supported widths are 8/16/32 */ 135 136 if ((bit_width != 8) && (bit_width != 16) && (bit_width != 32)) { 137 return AE_BAD_PARAMETER; 138 } 139 140 port_info = acpi_protected_ports; 141 byte_width = ACPI_DIV_8(bit_width); 142 last_address = address + byte_width - 1; 143 144 ACPI_DEBUG_PRINT((ACPI_DB_IO, "Address %p LastAddress %p Length %X", 145 ACPI_CAST_PTR(void, address), ACPI_CAST_PTR(void, 146 last_address), 147 byte_width)); 148 149 /* Maximum 16-bit address in I/O space */ 150 151 if (last_address > ACPI_UINT16_MAX) { 152 ACPI_ERROR((AE_INFO, 153 "Illegal I/O port address/length above 64K: %p/0x%X", 154 ACPI_CAST_PTR(void, address), byte_width)); 155 return_ACPI_STATUS(AE_LIMIT); 156 } 157 158 /* Exit if requested address is not within the protected port table */ 159 160 if (address > acpi_protected_ports[ACPI_PORT_INFO_ENTRIES - 1].end) { 161 return_ACPI_STATUS(AE_OK); 162 } 163 164 /* Check request against the list of protected I/O ports */ 165 166 for (i = 0; i < ACPI_PORT_INFO_ENTRIES; i++, port_info++) { 167 /* 168 * Check if the requested address range will write to a reserved 169 * port. Four cases to consider: 170 * 171 * 1) Address range is contained completely in the port address range 172 * 2) Address range overlaps port range at the port range start 173 * 3) Address range overlaps port range at the port range end 174 * 4) Address range completely encompasses the port range 175 */ 176 if ((address <= port_info->end) 177 && (last_address >= port_info->start)) { 178 179 /* Port illegality may depend on the _OSI calls made by the BIOS */ 180 181 if (acpi_gbl_osi_data >= port_info->osi_dependency) { 182 ACPI_DEBUG_PRINT((ACPI_DB_IO, 183 "Denied AML access to port 0x%p/%X (%s 0x%.4X-0x%.4X)", 184 ACPI_CAST_PTR(void, address), 185 byte_width, port_info->name, 186 port_info->start, 187 port_info->end)); 188 189 return_ACPI_STATUS(AE_AML_ILLEGAL_ADDRESS); 190 } 191 } 192 193 /* Finished if address range ends before the end of this port */ 194 195 if (last_address <= port_info->end) { 196 break; 197 } 198 } 199 200 return_ACPI_STATUS(AE_OK); 201} 202 203/****************************************************************************** 204 * 205 * FUNCTION: acpi_hw_read_port 206 * 207 * PARAMETERS: Address Address of I/O port/register to read 208 * Value Where value is placed 209 * Width Number of bits 210 * 211 * RETURN: Status and value read from port 212 * 213 * DESCRIPTION: Read data from an I/O port or register. This is a front-end 214 * to acpi_os_read_port that performs validation on both the port 215 * address and the length. 216 * 217 *****************************************************************************/ 218 219acpi_status acpi_hw_read_port(acpi_io_address address, u32 *value, u32 width) 220{ 221 acpi_status status; 222 u32 one_byte; 223 u32 i; 224 225 /* Truncate address to 16 bits if requested */ 226 227 if (acpi_gbl_truncate_io_addresses) { 228 address &= ACPI_UINT16_MAX; 229 } 230 231 /* Validate the entire request and perform the I/O */ 232 233 status = acpi_hw_validate_io_request(address, width); 234 if (ACPI_SUCCESS(status)) { 235 status = acpi_os_read_port(address, value, width); 236 return status; 237 } 238 239 if (status != AE_AML_ILLEGAL_ADDRESS) { 240 return status; 241 } 242 243 /* 244 * There has been a protection violation within the request. Fall 245 * back to byte granularity port I/O and ignore the failing bytes. 246 * This provides Windows compatibility. 247 */ 248 for (i = 0, *value = 0; i < width; i += 8) { 249 250 /* Validate and read one byte */ 251 252 if (acpi_hw_validate_io_request(address, 8) == AE_OK) { 253 status = acpi_os_read_port(address, &one_byte, 8); 254 if (ACPI_FAILURE(status)) { 255 return status; 256 } 257 258 *value |= (one_byte << i); 259 } 260 261 address++; 262 } 263 264 return AE_OK; 265} 266 267/****************************************************************************** 268 * 269 * FUNCTION: acpi_hw_write_port 270 * 271 * PARAMETERS: Address Address of I/O port/register to write 272 * Value Value to write 273 * Width Number of bits 274 * 275 * RETURN: Status 276 * 277 * DESCRIPTION: Write data to an I/O port or register. This is a front-end 278 * to acpi_os_write_port that performs validation on both the port 279 * address and the length. 280 * 281 *****************************************************************************/ 282 283acpi_status acpi_hw_write_port(acpi_io_address address, u32 value, u32 width) 284{ 285 acpi_status status; 286 u32 i; 287 288 /* Truncate address to 16 bits if requested */ 289 290 if (acpi_gbl_truncate_io_addresses) { 291 address &= ACPI_UINT16_MAX; 292 } 293 294 /* Validate the entire request and perform the I/O */ 295 296 status = acpi_hw_validate_io_request(address, width); 297 if (ACPI_SUCCESS(status)) { 298 status = acpi_os_write_port(address, value, width); 299 return status; 300 } 301 302 if (status != AE_AML_ILLEGAL_ADDRESS) { 303 return status; 304 } 305 306 /* 307 * There has been a protection violation within the request. Fall 308 * back to byte granularity port I/O and ignore the failing bytes. 309 * This provides Windows compatibility. 310 */ 311 for (i = 0; i < width; i += 8) { 312 313 /* Validate and write one byte */ 314 315 if (acpi_hw_validate_io_request(address, 8) == AE_OK) { 316 status = 317 acpi_os_write_port(address, (value >> i) & 0xFF, 8); 318 if (ACPI_FAILURE(status)) { 319 return status; 320 } 321 } 322 323 address++; 324 } 325 326 return AE_OK; 327} 328