| blob | bfafd70ffe8386fc138121274e9262731614cc6d |
1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
12 /*
13 * Copyright 2021 Oxide Computer Company
14 */
16 /*
17 * PCIe shenanigans
18 *
19 * Currently this implements several different views at seeing into PCIe devices
20 * and is designed to (hopefully) replace pcitool and be a vector for new system
21 * functionality such as dealing with multicast filtering, ACS, etc.
22 *
23 * While most subcommands have their own implementations, there are a couple of
24 * things that are worth bearing in mind:
25 *
26 * 1) Where possible, prefer the use of libofmt. In particular, having good,
27 * parsable output is important. New subcommands should strive to meet that.
28 *
29 * 2) Because we're often processing binary data (and it's good hygiene),
30 * subcommands should make sure to drop privileges as early as they can by
31 * calling pcieadm_init_privs(). More on privileges below.
32 *
33 * Privilege Management
34 * --------------------
35 *
36 * In an attempt to minimize privilege exposure, but to allow subcommands
37 * flexibility when required (e.g. show-cfgspace needs full privs to read from
38 * the kernel), we have two privilege sets that we maintain. One which is the
39 * minimial privs, which basically is a set that has stripped everything. This
40 * is 'pia_priv_min'. The second is one that allows a subcommand to add in
41 * privileges that it requires which will be left in the permitted set. These
42 * are in 'pia_priv_eff'. It's important to know that this set is always
43 * intersected with what the user actually has, so this is not meant to be a way
44 * for a caller to get more privileges than they already have.
45 *
46 * A subcommand is expected to call pcieadm_init_privs() once they have
47 * processed enough arguments that they can set an upper bound on privileges.
48 * It's worth noting that a subcommand will be executed in an already minimial
49 * environment; however, we will have already set up a libdevinfo handle for
50 * them, which should make the need to do much more not so bad.
51 */
53 #include <stdio.h>
54 #include <stdlib.h>
55 #include <stdarg.h>
56 #include <unistd.h>
57 #include <err.h>
58 #include <libdevinfo.h>
59 #include <strings.h>
60 #include <sys/stat.h>
61 #include <sys/pci_tools.h>
62 #include <sys/pci.h>
63 #include <sys/types.h>
64 #include <fcntl.h>
65 #include <sys/debug.h>
66 #include <upanic.h>
67 #include <libgen.h>
71 pcieadm_t pcieadm;
74 void
76 {
80 }
86 }
90 }
94 }
96 void
98 {
100 }
102 void
104 {
107 }
109 void
111 {
116 }
121 }
123 void
125 {
130 }
132 /*
133 * We determine if a node is PCI in a two step process. The first is to see if
134 * the node's name starts with pci, and has an additional character that
135 * indicates it's not the synthetic root of the tree. However, the node name
136 * changes for some classes of devices such as GPUs. As such, for those we try
137 * to look at the compatible property and see if we have a pciexclass or
138 * pciclass entry. We look specifically for the class to make sure that we don't
139 * fall for the synthetic nodes that have a compatible property of
140 * 'pciex_root_complex'.
141 *
142 * The compatible property is a single string that is actually a compressed
143 * string. That is, there are multiple strings concatenated together in a single
144 * pointer.
145 */
146 static boolean_t
148 {
156 }
162 }
169 }
172 }
175 }
177 static int
179 {
184 }
187 }
189 void
191 {
193 pcieadm_di_walk_cb);
194 }
196 /*
197 * Attempt to find the nexus that corresponds to this device. To do this, we
198 * walk up and walk the minors until we find a "reg" minor.
199 */
200 void
202 {
203 di_node_t cur;
214 }
215 }
216 }
217 }
219 static int
221 {
231 }
237 }
242 path);
243 }
259 }
262 }
266 }
269 }
271 void
273 {
274 pcieadm_di_walk_t walk;
276 /*
277 * If someone specifies /devices, just skip over it.
278 */
282 }
291 }
297 }
298 }
304 static boolean_t
306 {
324 }
326 }
329 }
331 void
334 {
341 }
345 }
349 path);
350 }
354 }
359 }
364 }
369 }
374 }
376 /*
377 * Assume if we were given a FIFO, character/block device, socket, or
378 * something else that it's probably fine.
379 */
384 }
389 }
391 void
393 {
397 }
407 static boolean_t
409 {
412 pcitool_reg_t pci_reg;
438 len);
439 }
443 }
447 }
451 }
466 }
469 }
471 void
474 {
482 }
488 }
493 }
497 }
501 }
508 }
514 }
524 }
526 void
528 {
533 }
540 };
542 static void
544 {
545 uint_t cmd;
553 }
556 pcieadm_progname);
561 }
562 }
563 }
565 int
567 {
568 uint_t cmd;
575 }
580 }
581 }
586 }
592 /*
593 * Set up common things that all of pcieadm needs before dispatching to
594 * a specific sub-command.
595 */
599 }
604 }
606 /*
607 * Set up privileges now that we have already opened our core libraries.
608 * We first set up the minimum actual privilege set that we use while
609 * running. We next set up a second privilege set that has additional
610 * privileges that are intersected with the users actual privileges and
611 * are appended to by the underlying command backends.
612 */
615 }
619 }
623 }
627 }
629 /*
630 * Note, PRIV_FILE_READ is not removed from the basic set so that way we
631 * can still open libraries that are required due to lazy loading.
632 */
648 }
651 }