github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/dev_vfio.txt

github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/dev_vfio.txt (about)

     1  # Copyright 2019 syzkaller project authors. All rights reserved.
     2  # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
     3  
     4  # NOTE: This is an incomplete description for the VFIO system calls because no groups were added in the container. The desired coverage was not reached.
     5  
     6  # https://www.kernel.org/doc/Documentation/vfio.txt
     7  # https://elixir.bootlin.com/linux/latest/source/drivers/vfio/vfio.c
     8  # https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/vfio.h
     9  # https://elixir.bootlin.com/linux/latest/source/drivers/vfio/vfio_iommu_type1.c
    10  
    11  include <uapi/linux/fcntl.h>
    12  include <uapi/linux/vfio.h>
    13  
    14  resource fd_vfio[fd]
    15  
    16  openat$vfio(fd const[AT_FDCWD], file ptr[in, string["/dev/vfio/vfio"]], flags flags[open_flags], mode const[0]) fd_vfio
    17  
    18  ioctl$VFIO_GET_API_VERSION(fd fd_vfio, cmd const[VFIO_GET_API_VERSION])
    19  ioctl$VFIO_CHECK_EXTENSION(fd fd_vfio, cmd const[VFIO_CHECK_EXTENSION], arg flags[iommu_flags])
    20  ioctl$VFIO_SET_IOMMU(fd fd_vfio, cmd const[VFIO_SET_IOMMU], arg flags[iommu_flags])
    21  
    22  ioctl$VFIO_IOMMU_GET_INFO(fd fd_vfio, cmd const[VFIO_IOMMU_GET_INFO], arg ptr[in, vfio_iommu_type1_info])
    23  ioctl$VFIO_IOMMU_MAP_DMA(fd fd_vfio, cmd const[VFIO_IOMMU_MAP_DMA], arg ptr[in, vfio_iommu_type1_dma_map])
    24  ioctl$VFIO_IOMMU_UNMAP_DMA(fd fd_vfio, cmd const[VFIO_IOMMU_UNMAP_DMA], arg ptr[in, vfio_iommu_type1_dma_unmap])
    25  
    26  vfio_iommu_type1_info {
    27  	argsz		len[parent, int32]
    28  	flags		const[0, int32]
    29  	iova_pgsizes	int64	(out)
    30  	cap_offset	int32	(out)
    31  # iommufd constructs the cap chain like this, vfio will work as well but the things will be jumbled a bit
    32  	cap1		vfio_iommu_type1_info_dma_avail	(out)
    33  	cap2		vfio_iommu_type1_info_cap_iova_range	(out)
    34  }
    35  
    36  vfio_iommu_type1_dma_map {
    37  	argsz	len[parent, int32]
    38  	flags	flags[vfio_map_flags, int32]
    39  	user_va	ptr64[in, array[int8]]
    40  	iova	int64
    41  	size	int64
    42  }
    43  
    44  vfio_iommu_type1_dma_unmap {
    45  	argsz	len[parent, int32]
    46  	flags	flags[vfio_unmap_flags, int32]
    47  	iova	int64
    48  	size	int64
    49  	data	array[int8]
    50  }
    51  
    52  vfio_info_cap_header {
    53  	id	int16
    54  	version	int16
    55  	next	int16
    56  }
    57  
    58  vfio_iova_range {
    59  	start	int64
    60  	end	int64
    61  }
    62  
    63  vfio_iommu_type1_info_cap_iova_range {
    64  	header		vfio_info_cap_header
    65  	nr_iovs		int32
    66  	reserved	int32
    67  	iova_ranges	array[vfio_iova_range]
    68  }
    69  
    70  vfio_iommu_type1_info_dma_avail {
    71  	header	vfio_info_cap_header
    72  	avail	int32
    73  }
    74  
    75  iommu_flags = VFIO_TYPE1_IOMMU, VFIO_SPAPR_TCE_IOMMU, VFIO_TYPE1v2_IOMMU, VFIO_DMA_CC_IOMMU, VFIO_EEH, VFIO_TYPE1_NESTING_IOMMU, VFIO_SPAPR_TCE_v2_IOMMU, VFIO_NOIOMMU_IOMMU
    76  vfio_map_flags = VFIO_DMA_MAP_FLAG_READ, VFIO_DMA_MAP_FLAG_WRITE
    77  vfio_unmap_flags = VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP, VFIO_DMA_UNMAP_FLAG_ALL, VFIO_DMA_UNMAP_FLAG_VADDR