1 
2 /******************************************************************************
3  *
4  * Module Name: hwvalid - I/O request validation
5  *
6  *****************************************************************************/
7 
8 /*
9  * Copyright (C) 2000 - 2012, Intel Corp.
10  * All rights reserved.
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions, and the following disclaimer,
17  *    without modification.
18  * 2. Redistributions in binary form must reproduce at minimum a disclaimer
19  *    substantially similar to the "NO WARRANTY" disclaimer below
20  *    ("Disclaimer") and any redistribution must be conditioned upon
21  *    including a substantially similar Disclaimer requirement for further
22  *    binary redistribution.
23  * 3. Neither the names of the above-listed copyright holders nor the names
24  *    of any contributors may be used to endorse or promote products derived
25  *    from this software without specific prior written permission.
26  *
27  * Alternatively, this software may be distributed under the terms of the
28  * GNU General Public License ("GPL") version 2 as published by the Free
29  * Software Foundation.
30  *
31  * NO WARRANTY
32  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
33  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
34  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
35  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
36  * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
37  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
38  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
40  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
41  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
42  * POSSIBILITY OF SUCH DAMAGES.
43  */
44 
45 #include <acpi/acpi.h>
46 #include "accommon.h"
47 
48 #define _COMPONENT          ACPI_HARDWARE
49 ACPI_MODULE_NAME("hwvalid")
50 
51 /* Local prototypes */
52 static acpi_status
53 acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width);
54 
55 /*
56  * Protected I/O ports. Some ports are always illegal, and some are
57  * conditionally illegal. This table must remain ordered by port address.
58  *
59  * The table is used to implement the Microsoft port access rules that
60  * first appeared in Windows XP. Some ports are always illegal, and some
61  * ports are only illegal if the BIOS calls _OSI with a win_xP string or
62  * later (meaning that the BIOS itelf is post-XP.)
63  *
64  * This provides ACPICA with the desired port protections and
65  * Microsoft compatibility.
66  *
67  * Description of port entries:
68  *  DMA:   DMA controller
69  *  PIC0:  Programmable Interrupt Controller (8259_a)
70  *  PIT1:  System Timer 1
71  *  PIT2:  System Timer 2 failsafe
72  *  RTC:   Real-time clock
73  *  CMOS:  Extended CMOS
74  *  DMA1:  DMA 1 page registers
75  *  DMA1L: DMA 1 Ch 0 low page
76  *  DMA2:  DMA 2 page registers
77  *  DMA2L: DMA 2 low page refresh
78  *  ARBC:  Arbitration control
79  *  SETUP: Reserved system board setup
80  *  POS:   POS channel select
81  *  PIC1:  Cascaded PIC
82  *  IDMA:  ISA DMA
83  *  ELCR:  PIC edge/level registers
84  *  PCI:   PCI configuration space
85  */
86 static const struct acpi_port_info acpi_protected_ports[] = {
87 	{"DMA", 0x0000, 0x000F, ACPI_OSI_WIN_XP},
88 	{"PIC0", 0x0020, 0x0021, ACPI_ALWAYS_ILLEGAL},
89 	{"PIT1", 0x0040, 0x0043, ACPI_OSI_WIN_XP},
90 	{"PIT2", 0x0048, 0x004B, ACPI_OSI_WIN_XP},
91 	{"RTC", 0x0070, 0x0071, ACPI_OSI_WIN_XP},
92 	{"CMOS", 0x0074, 0x0076, ACPI_OSI_WIN_XP},
93 	{"DMA1", 0x0081, 0x0083, ACPI_OSI_WIN_XP},
94 	{"DMA1L", 0x0087, 0x0087, ACPI_OSI_WIN_XP},
95 	{"DMA2", 0x0089, 0x008B, ACPI_OSI_WIN_XP},
96 	{"DMA2L", 0x008F, 0x008F, ACPI_OSI_WIN_XP},
97 	{"ARBC", 0x0090, 0x0091, ACPI_OSI_WIN_XP},
98 	{"SETUP", 0x0093, 0x0094, ACPI_OSI_WIN_XP},
99 	{"POS", 0x0096, 0x0097, ACPI_OSI_WIN_XP},
100 	{"PIC1", 0x00A0, 0x00A1, ACPI_ALWAYS_ILLEGAL},
101 	{"IDMA", 0x00C0, 0x00DF, ACPI_OSI_WIN_XP},
102 	{"ELCR", 0x04D0, 0x04D1, ACPI_ALWAYS_ILLEGAL},
103 	{"PCI", 0x0CF8, 0x0CFF, ACPI_OSI_WIN_XP}
104 };
105 
106 #define ACPI_PORT_INFO_ENTRIES  ACPI_ARRAY_LENGTH (acpi_protected_ports)
107 
108 /******************************************************************************
109  *
110  * FUNCTION:    acpi_hw_validate_io_request
111  *
112  * PARAMETERS:  Address             Address of I/O port/register
113  *              bit_width           Number of bits (8,16,32)
114  *
115  * RETURN:      Status
116  *
117  * DESCRIPTION: Validates an I/O request (address/length). Certain ports are
118  *              always illegal and some ports are only illegal depending on
119  *              the requests the BIOS AML code makes to the predefined
120  *              _OSI method.
121  *
122  ******************************************************************************/
123 
124 static acpi_status
acpi_hw_validate_io_request(acpi_io_address address,u32 bit_width)125 acpi_hw_validate_io_request(acpi_io_address address, u32 bit_width)
126 {
127 	u32 i;
128 	u32 byte_width;
129 	acpi_io_address last_address;
130 	const struct acpi_port_info *port_info;
131 
132 	ACPI_FUNCTION_TRACE(hw_validate_io_request);
133 
134 	/* Supported widths are 8/16/32 */
135 
136 	if ((bit_width != 8) && (bit_width != 16) && (bit_width != 32)) {
137 		ACPI_ERROR((AE_INFO,
138 			    "Bad BitWidth parameter: %8.8X", bit_width));
139 		return AE_BAD_PARAMETER;
140 	}
141 
142 	port_info = acpi_protected_ports;
143 	byte_width = ACPI_DIV_8(bit_width);
144 	last_address = address + byte_width - 1;
145 
146 	ACPI_DEBUG_PRINT((ACPI_DB_IO, "Address %p LastAddress %p Length %X",
147 			  ACPI_CAST_PTR(void, address), ACPI_CAST_PTR(void,
148 								      last_address),
149 			  byte_width));
150 
151 	/* Maximum 16-bit address in I/O space */
152 
153 	if (last_address > ACPI_UINT16_MAX) {
154 		ACPI_ERROR((AE_INFO,
155 			    "Illegal I/O port address/length above 64K: %p/0x%X",
156 			    ACPI_CAST_PTR(void, address), byte_width));
157 		return_ACPI_STATUS(AE_LIMIT);
158 	}
159 
160 	/* Exit if requested address is not within the protected port table */
161 
162 	if (address > acpi_protected_ports[ACPI_PORT_INFO_ENTRIES - 1].end) {
163 		return_ACPI_STATUS(AE_OK);
164 	}
165 
166 	/* Check request against the list of protected I/O ports */
167 
168 	for (i = 0; i < ACPI_PORT_INFO_ENTRIES; i++, port_info++) {
169 		/*
170 		 * Check if the requested address range will write to a reserved
171 		 * port. Four cases to consider:
172 		 *
173 		 * 1) Address range is contained completely in the port address range
174 		 * 2) Address range overlaps port range at the port range start
175 		 * 3) Address range overlaps port range at the port range end
176 		 * 4) Address range completely encompasses the port range
177 		 */
178 		if ((address <= port_info->end)
179 		    && (last_address >= port_info->start)) {
180 
181 			/* Port illegality may depend on the _OSI calls made by the BIOS */
182 
183 			if (acpi_gbl_osi_data >= port_info->osi_dependency) {
184 				ACPI_DEBUG_PRINT((ACPI_DB_IO,
185 						  "Denied AML access to port 0x%p/%X (%s 0x%.4X-0x%.4X)",
186 						  ACPI_CAST_PTR(void, address),
187 						  byte_width, port_info->name,
188 						  port_info->start,
189 						  port_info->end));
190 
191 				return_ACPI_STATUS(AE_AML_ILLEGAL_ADDRESS);
192 			}
193 		}
194 
195 		/* Finished if address range ends before the end of this port */
196 
197 		if (last_address <= port_info->end) {
198 			break;
199 		}
200 	}
201 
202 	return_ACPI_STATUS(AE_OK);
203 }
204 
205 /******************************************************************************
206  *
207  * FUNCTION:    acpi_hw_read_port
208  *
209  * PARAMETERS:  Address             Address of I/O port/register to read
210  *              Value               Where value is placed
211  *              Width               Number of bits
212  *
213  * RETURN:      Status and value read from port
214  *
215  * DESCRIPTION: Read data from an I/O port or register. This is a front-end
216  *              to acpi_os_read_port that performs validation on both the port
217  *              address and the length.
218  *
219  *****************************************************************************/
220 
acpi_hw_read_port(acpi_io_address address,u32 * value,u32 width)221 acpi_status acpi_hw_read_port(acpi_io_address address, u32 *value, u32 width)
222 {
223 	acpi_status status;
224 	u32 one_byte;
225 	u32 i;
226 
227 	/* Truncate address to 16 bits if requested */
228 
229 	if (acpi_gbl_truncate_io_addresses) {
230 		address &= ACPI_UINT16_MAX;
231 	}
232 
233 	/* Validate the entire request and perform the I/O */
234 
235 	status = acpi_hw_validate_io_request(address, width);
236 	if (ACPI_SUCCESS(status)) {
237 		status = acpi_os_read_port(address, value, width);
238 		return status;
239 	}
240 
241 	if (status != AE_AML_ILLEGAL_ADDRESS) {
242 		return status;
243 	}
244 
245 	/*
246 	 * There has been a protection violation within the request. Fall
247 	 * back to byte granularity port I/O and ignore the failing bytes.
248 	 * This provides Windows compatibility.
249 	 */
250 	for (i = 0, *value = 0; i < width; i += 8) {
251 
252 		/* Validate and read one byte */
253 
254 		if (acpi_hw_validate_io_request(address, 8) == AE_OK) {
255 			status = acpi_os_read_port(address, &one_byte, 8);
256 			if (ACPI_FAILURE(status)) {
257 				return status;
258 			}
259 
260 			*value |= (one_byte << i);
261 		}
262 
263 		address++;
264 	}
265 
266 	return AE_OK;
267 }
268 
269 /******************************************************************************
270  *
271  * FUNCTION:    acpi_hw_write_port
272  *
273  * PARAMETERS:  Address             Address of I/O port/register to write
274  *              Value               Value to write
275  *              Width               Number of bits
276  *
277  * RETURN:      Status
278  *
279  * DESCRIPTION: Write data to an I/O port or register. This is a front-end
280  *              to acpi_os_write_port that performs validation on both the port
281  *              address and the length.
282  *
283  *****************************************************************************/
284 
acpi_hw_write_port(acpi_io_address address,u32 value,u32 width)285 acpi_status acpi_hw_write_port(acpi_io_address address, u32 value, u32 width)
286 {
287 	acpi_status status;
288 	u32 i;
289 
290 	/* Truncate address to 16 bits if requested */
291 
292 	if (acpi_gbl_truncate_io_addresses) {
293 		address &= ACPI_UINT16_MAX;
294 	}
295 
296 	/* Validate the entire request and perform the I/O */
297 
298 	status = acpi_hw_validate_io_request(address, width);
299 	if (ACPI_SUCCESS(status)) {
300 		status = acpi_os_write_port(address, value, width);
301 		return status;
302 	}
303 
304 	if (status != AE_AML_ILLEGAL_ADDRESS) {
305 		return status;
306 	}
307 
308 	/*
309 	 * There has been a protection violation within the request. Fall
310 	 * back to byte granularity port I/O and ignore the failing bytes.
311 	 * This provides Windows compatibility.
312 	 */
313 	for (i = 0; i < width; i += 8) {
314 
315 		/* Validate and write one byte */
316 
317 		if (acpi_hw_validate_io_request(address, 8) == AE_OK) {
318 			status =
319 			    acpi_os_write_port(address, (value >> i) & 0xFF, 8);
320 			if (ACPI_FAILURE(status)) {
321 				return status;
322 			}
323 		}
324 
325 		address++;
326 	}
327 
328 	return AE_OK;
329 }
330