1 /****************************************************************************** 2 * 3 * Module Name: hwvalid - I/O request validation 4 * 5 *****************************************************************************/ 6 7 /* 8 * Copyright (C) 2000 - 2020, Intel Corp. 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions, and the following disclaimer, 16 * without modification. 17 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 18 * substantially similar to the "NO WARRANTY" disclaimer below 19 * ("Disclaimer") and any redistribution must be conditioned upon 20 * including a substantially similar Disclaimer requirement for further 21 * binary redistribution. 22 * 3. Neither the names of the above-listed copyright holders nor the names 23 * of any contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * Alternatively, this software may be distributed under the terms of the 27 * GNU General Public License ("GPL") version 2 as published by the Free 28 * Software Foundation. 29 * 30 * NO WARRANTY 31 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 32 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 33 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR 34 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 35 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 40 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 41 * POSSIBILITY OF SUCH DAMAGES. 42 */ 43 44 #include "acpi.h" 45 #include "accommon.h" 46 47 #define _COMPONENT ACPI_HARDWARE 48 ACPI_MODULE_NAME ("hwvalid") 49 50 /* Local prototypes */ 51 52 static ACPI_STATUS 53 AcpiHwValidateIoRequest ( 54 ACPI_IO_ADDRESS Address, 55 UINT32 BitWidth); 56 57 58 /* 59 * Protected I/O ports. Some ports are always illegal, and some are 60 * conditionally illegal. This table must remain ordered by port address. 61 * 62 * The table is used to implement the Microsoft port access rules that 63 * first appeared in Windows XP. Some ports are always illegal, and some 64 * ports are only illegal if the BIOS calls _OSI with a WinXP string or 65 * later (meaning that the BIOS itelf is post-XP.) 66 * 67 * This provides ACPICA with the desired port protections and 68 * Microsoft compatibility. 69 * 70 * Description of port entries: 71 * DMA: DMA controller 72 * PIC0: Programmable Interrupt Controller (8259A) 73 * PIT1: System Timer 1 74 * PIT2: System Timer 2 failsafe 75 * RTC: Real-time clock 76 * CMOS: Extended CMOS 77 * DMA1: DMA 1 page registers 78 * DMA1L: DMA 1 Ch 0 low page 79 * DMA2: DMA 2 page registers 80 * DMA2L: DMA 2 low page refresh 81 * ARBC: Arbitration control 82 * SETUP: Reserved system board setup 83 * POS: POS channel select 84 * PIC1: Cascaded PIC 85 * IDMA: ISA DMA 86 * ELCR: PIC edge/level registers 87 * PCI: PCI configuration space 88 */ 89 static const ACPI_PORT_INFO AcpiProtectedPorts[] = 90 { 91 {"DMA", 0x0000, 0x000F, ACPI_OSI_WIN_XP}, 92 {"PIC0", 0x0020, 0x0021, ACPI_ALWAYS_ILLEGAL}, 93 {"PIT1", 0x0040, 0x0043, ACPI_OSI_WIN_XP}, 94 {"PIT2", 0x0048, 0x004B, ACPI_OSI_WIN_XP}, 95 {"RTC", 0x0070, 0x0071, ACPI_OSI_WIN_XP}, 96 {"CMOS", 0x0074, 0x0076, ACPI_OSI_WIN_XP}, 97 {"DMA1", 0x0081, 0x0083, ACPI_OSI_WIN_XP}, 98 {"DMA1L", 0x0087, 0x0087, ACPI_OSI_WIN_XP}, 99 {"DMA2", 0x0089, 0x008B, ACPI_OSI_WIN_XP}, 100 {"DMA2L", 0x008F, 0x008F, ACPI_OSI_WIN_XP}, 101 {"ARBC", 0x0090, 0x0091, ACPI_OSI_WIN_XP}, 102 {"SETUP", 0x0093, 0x0094, ACPI_OSI_WIN_XP}, 103 {"POS", 0x0096, 0x0097, ACPI_OSI_WIN_XP}, 104 {"PIC1", 0x00A0, 0x00A1, ACPI_ALWAYS_ILLEGAL}, 105 {"IDMA", 0x00C0, 0x00DF, ACPI_OSI_WIN_XP}, 106 {"ELCR", 0x04D0, 0x04D1, ACPI_ALWAYS_ILLEGAL}, 107 {"PCI", 0x0CF8, 0x0CFF, ACPI_OSI_WIN_XP} 108 }; 109 110 #define ACPI_PORT_INFO_ENTRIES ACPI_ARRAY_LENGTH (AcpiProtectedPorts) 111 112 113 /****************************************************************************** 114 * 115 * FUNCTION: AcpiHwValidateIoRequest 116 * 117 * PARAMETERS: Address Address of I/O port/register 118 * BitWidth Number of bits (8,16,32) 119 * 120 * RETURN: Status 121 * 122 * DESCRIPTION: Validates an I/O request (address/length). Certain ports are 123 * always illegal and some ports are only illegal depending on 124 * the requests the BIOS AML code makes to the predefined 125 * _OSI method. 126 * 127 ******************************************************************************/ 128 129 static ACPI_STATUS 130 AcpiHwValidateIoRequest ( 131 ACPI_IO_ADDRESS Address, 132 UINT32 BitWidth) 133 { 134 UINT32 i; 135 UINT32 ByteWidth; 136 ACPI_IO_ADDRESS LastAddress; 137 const ACPI_PORT_INFO *PortInfo; 138 139 140 ACPI_FUNCTION_TRACE (HwValidateIoRequest); 141 142 143 /* Supported widths are 8/16/32 */ 144 145 if ((BitWidth != 8) && 146 (BitWidth != 16) && 147 (BitWidth != 32)) 148 { 149 ACPI_ERROR ((AE_INFO, 150 "Bad BitWidth parameter: %8.8X", BitWidth)); 151 return_ACPI_STATUS (AE_BAD_PARAMETER); 152 } 153 154 PortInfo = AcpiProtectedPorts; 155 ByteWidth = ACPI_DIV_8 (BitWidth); 156 LastAddress = Address + ByteWidth - 1; 157 158 ACPI_DEBUG_PRINT ((ACPI_DB_IO, 159 "Address %8.8X%8.8X LastAddress %8.8X%8.8X Length %X", 160 ACPI_FORMAT_UINT64 (Address), ACPI_FORMAT_UINT64 (LastAddress), 161 ByteWidth)); 162 163 /* Maximum 16-bit address in I/O space */ 164 165 if (LastAddress > ACPI_UINT16_MAX) 166 { 167 ACPI_ERROR ((AE_INFO, 168 "Illegal I/O port address/length above 64K: %8.8X%8.8X/0x%X", 169 ACPI_FORMAT_UINT64 (Address), ByteWidth)); 170 return_ACPI_STATUS (AE_LIMIT); 171 } 172 173 /* Exit if requested address is not within the protected port table */ 174 175 if (Address > AcpiProtectedPorts[ACPI_PORT_INFO_ENTRIES - 1].End) 176 { 177 return_ACPI_STATUS (AE_OK); 178 } 179 180 /* Check request against the list of protected I/O ports */ 181 182 for (i = 0; i < ACPI_PORT_INFO_ENTRIES; i++, PortInfo++) 183 { 184 /* 185 * Check if the requested address range will write to a reserved 186 * port. There are four cases to consider: 187 * 188 * 1) Address range is contained completely in the port address range 189 * 2) Address range overlaps port range at the port range start 190 * 3) Address range overlaps port range at the port range end 191 * 4) Address range completely encompasses the port range 192 */ 193 if ((Address <= PortInfo->End) && (LastAddress >= PortInfo->Start)) 194 { 195 /* Port illegality may depend on the _OSI calls made by the BIOS */ 196 197 if (AcpiGbl_OsiData >= PortInfo->OsiDependency) 198 { 199 ACPI_DEBUG_PRINT ((ACPI_DB_VALUES, 200 "Denied AML access to port 0x%8.8X%8.8X/%X (%s 0x%.4X-0x%.4X)\n", 201 ACPI_FORMAT_UINT64 (Address), ByteWidth, PortInfo->Name, 202 PortInfo->Start, PortInfo->End)); 203 204 return_ACPI_STATUS (AE_AML_ILLEGAL_ADDRESS); 205 } 206 } 207 208 /* Finished if address range ends before the end of this port */ 209 210 if (LastAddress <= PortInfo->End) 211 { 212 break; 213 } 214 } 215 216 return_ACPI_STATUS (AE_OK); 217 } 218 219 220 /****************************************************************************** 221 * 222 * FUNCTION: AcpiHwReadPort 223 * 224 * PARAMETERS: Address Address of I/O port/register to read 225 * Value Where value (data) is returned 226 * Width Number of bits 227 * 228 * RETURN: Status and value read from port 229 * 230 * DESCRIPTION: Read data from an I/O port or register. This is a front-end 231 * to AcpiOsReadPort that performs validation on both the port 232 * address and the length. 233 * 234 *****************************************************************************/ 235 236 ACPI_STATUS 237 AcpiHwReadPort ( 238 ACPI_IO_ADDRESS Address, 239 UINT32 *Value, 240 UINT32 Width) 241 { 242 ACPI_STATUS Status; 243 UINT32 OneByte; 244 UINT32 i; 245 246 247 /* Truncate address to 16 bits if requested */ 248 249 if (AcpiGbl_TruncateIoAddresses) 250 { 251 Address &= ACPI_UINT16_MAX; 252 } 253 254 /* Validate the entire request and perform the I/O */ 255 256 Status = AcpiHwValidateIoRequest (Address, Width); 257 if (ACPI_SUCCESS (Status)) 258 { 259 Status = AcpiOsReadPort (Address, Value, Width); 260 return (Status); 261 } 262 263 if (Status != AE_AML_ILLEGAL_ADDRESS) 264 { 265 return (Status); 266 } 267 268 /* 269 * There has been a protection violation within the request. Fall 270 * back to byte granularity port I/O and ignore the failing bytes. 271 * This provides compatibility with other ACPI implementations. 272 */ 273 for (i = 0, *Value = 0; i < Width; i += 8) 274 { 275 /* Validate and read one byte */ 276 277 if (AcpiHwValidateIoRequest (Address, 8) == AE_OK) 278 { 279 Status = AcpiOsReadPort (Address, &OneByte, 8); 280 if (ACPI_FAILURE (Status)) 281 { 282 return (Status); 283 } 284 285 *Value |= (OneByte << i); 286 } 287 288 Address++; 289 } 290 291 return (AE_OK); 292 } 293 294 295 /****************************************************************************** 296 * 297 * FUNCTION: AcpiHwWritePort 298 * 299 * PARAMETERS: Address Address of I/O port/register to write 300 * Value Value to write 301 * Width Number of bits 302 * 303 * RETURN: Status 304 * 305 * DESCRIPTION: Write data to an I/O port or register. This is a front-end 306 * to AcpiOsWritePort that performs validation on both the port 307 * address and the length. 308 * 309 *****************************************************************************/ 310 311 ACPI_STATUS 312 AcpiHwWritePort ( 313 ACPI_IO_ADDRESS Address, 314 UINT32 Value, 315 UINT32 Width) 316 { 317 ACPI_STATUS Status; 318 UINT32 i; 319 320 321 /* Truncate address to 16 bits if requested */ 322 323 if (AcpiGbl_TruncateIoAddresses) 324 { 325 Address &= ACPI_UINT16_MAX; 326 } 327 328 /* Validate the entire request and perform the I/O */ 329 330 Status = AcpiHwValidateIoRequest (Address, Width); 331 if (ACPI_SUCCESS (Status)) 332 { 333 Status = AcpiOsWritePort (Address, Value, Width); 334 return (Status); 335 } 336 337 if (Status != AE_AML_ILLEGAL_ADDRESS) 338 { 339 return (Status); 340 } 341 342 /* 343 * There has been a protection violation within the request. Fall 344 * back to byte granularity port I/O and ignore the failing bytes. 345 * This provides compatibility with other ACPI implementations. 346 */ 347 for (i = 0; i < Width; i += 8) 348 { 349 /* Validate and write one byte */ 350 351 if (AcpiHwValidateIoRequest (Address, 8) == AE_OK) 352 { 353 Status = AcpiOsWritePort (Address, (Value >> i) & 0xFF, 8); 354 if (ACPI_FAILURE (Status)) 355 { 356 return (Status); 357 } 358 } 359 360 Address++; 361 } 362 363 return (AE_OK); 364 } 365