[pve-kernel.git] / patches / kernel / 0003-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Mark Weiman <mark.weiman@markzz.com>
Date: Wed, 7 Feb 2018 16:04:03 -0500
Subject: [PATCH] pci: Enable overrides for missing ACS capabilities (4.15)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This an updated version of Alex Williamson's patch from:
https://lkml.org/lkml/2013/5/30/513

Original commit message follows:
PCIe ACS (Access Control Services) is the PCIe 2.0+ feature that
allows us to control whether transactions are allowed to be redirected
in various subnodes of a PCIe topology.  For instance, if two
endpoints are below a root port or downsteam switch port, the
downstream port may optionally redirect transactions between the
devices, bypassing upstream devices.  The same can happen internally
on multifunction devices.  The transaction may never be visible to the
upstream devices.

One upstream device that we particularly care about is the IOMMU.  If
a redirection occurs in the topology below the IOMMU, then the IOMMU
cannot provide isolation between devices.  This is why the PCIe spec
encourages topologies to include ACS support.  Without it, we have to
assume peer-to-peer DMA within a hierarchy can bypass IOMMU isolation.

Unfortunately, far too many topologies do not support ACS to make this
a steadfast requirement.  Even the latest chipsets from Intel are only
sporadically supporting ACS.  We have trouble getting interconnect
vendors to include the PCIe spec required PCIe capability, let alone
suggested features.

Therefore, we need to add some flexibility.  The pcie_acs_override=
boot option lets users opt-in specific devices or sets of devices to
assume ACS support.  The "downstream" option assumes full ACS support
on root ports and downstream switch ports.  The "multifunction"
option assumes the subset of ACS features available on multifunction
endpoints and upstream switch ports are supported.  The "id:nnnn:nnnn"
option enables ACS support on devices matching the provided vendor
and device IDs, allowing more strategic ACS overrides.  These options
may be combined in any order.  A maximum of 16 id specific overrides
are available.  It's suggested to use the most limited set of options
necessary to avoid completely disabling ACS across the topology.
Note to hardware vendors, we have facilities to permanently quirk
specific devices which enforce isolation but not provide an ACS
capability.  Please contact me to have your devices added and save
your customers the hassle of this boot option.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 .../admin-guide/kernel-parameters.txt         |   9 ++
 drivers/pci/quirks.c                          | 102 ++++++++++++++++++
 2 files changed, 111 insertions(+)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index c73168dbb050..754fa5793a4d 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -3943,6 +3943,15 @@
 				Also, it enforces the PCI Local Bus spec
 				rule that those bits should be 0 in system reset
 				events (useful for kexec/kdump cases).
+		pci_acs_override =
+				[PCIE] Override missing PCIe ACS support for:
+				downstream
+					All downstream ports - full ACS capabilities
+				multifunction
+					Add multifunction devices - multifunction ACS subset
+				id:nnnn:nnnn
+					Specific device - full ACS capabilities
+					Specified as vid:did (vendor/device ID) in hex
 		noioapicquirk	[APIC] Disable all boot interrupt quirks.
 				Safety option to keep boot IRQs enabled. This
 				should never be necessary.
diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
index 1c566b0cbee9..d49c54c579bb 100644
--- a/drivers/pci/quirks.c
+++ b/drivers/pci/quirks.c
@@ -193,6 +193,106 @@ static int __init pci_apply_final_quirks(void)
 }
 fs_initcall_sync(pci_apply_final_quirks);
 
+static bool acs_on_downstream;
+static bool acs_on_multifunction;
+
+#define NUM_ACS_IDS 16
+struct acs_on_id {
+	unsigned short vendor;
+	unsigned short device;
+};
+static struct acs_on_id acs_on_ids[NUM_ACS_IDS];
+static u8 max_acs_id;
+
+static __init int pcie_acs_override_setup(char *p)
+{
+	if (!p)
+		return -EINVAL;
+
+	while (*p) {
+		if (!strncmp(p, "downstream", 10))
+			acs_on_downstream = true;
+		if (!strncmp(p, "multifunction", 13))
+			acs_on_multifunction = true;
+		if (!strncmp(p, "id:", 3)) {
+			char opt[5];
+			int ret;
+			long val;
+
+			if (max_acs_id >= NUM_ACS_IDS - 1) {
+				pr_warn("Out of PCIe ACS override slots (%d)\n",
+						NUM_ACS_IDS);
+				goto next;
+			}
+
+			p += 3;
+			snprintf(opt, 5, "%s", p);
+			ret = kstrtol(opt, 16, &val);
+			if (ret) {
+				pr_warn("PCIe ACS ID parse error %d\n", ret);
+				goto next;
+			}
+			acs_on_ids[max_acs_id].vendor = val;
+			p += strcspn(p, ":");
+			if (*p != ':') {
+				pr_warn("PCIe ACS invalid ID\n");
+				goto next;
+			}
+
+			p++;
+			snprintf(opt, 5, "%s", p);
+			ret = kstrtol(opt, 16, &val);
+			if (ret) {
+				pr_warn("PCIe ACS ID parse error %d\n", ret);
+				goto next;
+			}
+			acs_on_ids[max_acs_id].device = val;
+			max_acs_id++;
+		}
+next:
+		p += strcspn(p, ",");
+		if (*p == ',')
+			p++;
+	}
+
+	if (acs_on_downstream || acs_on_multifunction || max_acs_id)
+		pr_warn("Warning: PCIe ACS overrides enabled; This may allow non-IOMMU protected peer-to-peer DMA\n");
+
+	return 0;
+}
+early_param("pcie_acs_override", pcie_acs_override_setup);
+
+static int pcie_acs_overrides(struct pci_dev *dev, u16 acs_flags)
+{
+	int i;
+
+	/* Never override ACS for legacy devices or devices with ACS caps */
+	if (!pci_is_pcie(dev) ||
+		pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ACS))
+			return -ENOTTY;
+
+	for (i = 0; i < max_acs_id; i++)
+		if (acs_on_ids[i].vendor == dev->vendor &&
+			acs_on_ids[i].device == dev->device)
+				return 1;
+
+	switch (pci_pcie_type(dev)) {
+		case PCI_EXP_TYPE_DOWNSTREAM:
+		case PCI_EXP_TYPE_ROOT_PORT:
+			if (acs_on_downstream)
+				return 1;
+			break;
+		case PCI_EXP_TYPE_ENDPOINT:
+		case PCI_EXP_TYPE_UPSTREAM:
+		case PCI_EXP_TYPE_LEG_END:
+		case PCI_EXP_TYPE_RC_END:
+			if (acs_on_multifunction && dev->multifunction)
+				return 1;
+	}
+
+	return -ENOTTY;
+}
+
 /*
  * Decoding should be disabled for a PCI device during BAR sizing to avoid
  * conflict. But doing so may cause problems on host bridge and perhaps other
@@ -4927,6 +5027,8 @@ static const struct pci_dev_acs_enabled {
 	{ PCI_VENDOR_ID_CAVIUM, 0xA060, pci_quirk_mf_endpoint_acs },
 	/* APM X-Gene */
 	{ PCI_VENDOR_ID_AMCC, 0xE004, pci_quirk_xgene_acs },
+	/* Enable overrides for missing ACS capabilities */
+	{ PCI_ANY_ID, PCI_ANY_ID, pcie_acs_overrides },
 	/* Ampere Computing */
 	{ PCI_VENDOR_ID_AMPERE, 0xE005, pci_quirk_xgene_acs },
 	{ PCI_VENDOR_ID_AMPERE, 0xE006, pci_quirk_xgene_acs },
Commit	Line	Data
	1	From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
	2	From: Mark Weiman <mark.weiman@markzz.com>
	3	Date: Wed, 7 Feb 2018 16:04:03 -0500
	4	Subject: [PATCH] pci: Enable overrides for missing ACS capabilities (4.15)
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	This an updated version of Alex Williamson's patch from:
	10	https://lkml.org/lkml/2013/5/30/513
	11
	12	Original commit message follows:
	13	PCIe ACS (Access Control Services) is the PCIe 2.0+ feature that
	14	allows us to control whether transactions are allowed to be redirected
	15	in various subnodes of a PCIe topology. For instance, if two
	16	endpoints are below a root port or downsteam switch port, the
	17	downstream port may optionally redirect transactions between the
	18	devices, bypassing upstream devices. The same can happen internally
	19	on multifunction devices. The transaction may never be visible to the
	20	upstream devices.
	21
	22	One upstream device that we particularly care about is the IOMMU. If
	23	a redirection occurs in the topology below the IOMMU, then the IOMMU
	24	cannot provide isolation between devices. This is why the PCIe spec
	25	encourages topologies to include ACS support. Without it, we have to
	26	assume peer-to-peer DMA within a hierarchy can bypass IOMMU isolation.
	27
	28	Unfortunately, far too many topologies do not support ACS to make this
	29	a steadfast requirement. Even the latest chipsets from Intel are only
	30	sporadically supporting ACS. We have trouble getting interconnect
	31	vendors to include the PCIe spec required PCIe capability, let alone
	32	suggested features.
	33
	34	Therefore, we need to add some flexibility. The pcie_acs_override=
	35	boot option lets users opt-in specific devices or sets of devices to
	36	assume ACS support. The "downstream" option assumes full ACS support
	37	on root ports and downstream switch ports. The "multifunction"
	38	option assumes the subset of ACS features available on multifunction
	39	endpoints and upstream switch ports are supported. The "id:nnnn:nnnn"
	40	option enables ACS support on devices matching the provided vendor
	41	and device IDs, allowing more strategic ACS overrides. These options
	42	may be combined in any order. A maximum of 16 id specific overrides
	43	are available. It's suggested to use the most limited set of options
	44	necessary to avoid completely disabling ACS across the topology.
	45	Note to hardware vendors, we have facilities to permanently quirk
	46	specific devices which enforce isolation but not provide an ACS
	47	capability. Please contact me to have your devices added and save
	48	your customers the hassle of this boot option.
	49
	50	Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
	51	Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
	52	---
	53	.../admin-guide/kernel-parameters.txt \| 9 ++
	54	drivers/pci/quirks.c \| 102 ++++++++++++++++++
	55	2 files changed, 111 insertions(+)
	56
	57	diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
	58	index c73168dbb050..754fa5793a4d 100644
	59	--- a/Documentation/admin-guide/kernel-parameters.txt
	60	+++ b/Documentation/admin-guide/kernel-parameters.txt
	61	@@ -3943,6 +3943,15 @@
	62	Also, it enforces the PCI Local Bus spec
	63	rule that those bits should be 0 in system reset
	64	events (useful for kexec/kdump cases).
	65	+ pci_acs_override =
	66	+ [PCIE] Override missing PCIe ACS support for:
	67	+ downstream
	68	+ All downstream ports - full ACS capabilities
	69	+ multifunction
	70	+ Add multifunction devices - multifunction ACS subset
	71	+ id:nnnn:nnnn
	72	+ Specific device - full ACS capabilities
	73	+ Specified as vid:did (vendor/device ID) in hex
	74	noioapicquirk [APIC] Disable all boot interrupt quirks.
	75	Safety option to keep boot IRQs enabled. This
	76	should never be necessary.
	77	diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
	78	index 1c566b0cbee9..d49c54c579bb 100644
	79	--- a/drivers/pci/quirks.c
	80	+++ b/drivers/pci/quirks.c
	81	@@ -193,6 +193,106 @@ static int __init pci_apply_final_quirks(void)
	82	}
	83	fs_initcall_sync(pci_apply_final_quirks);
	84
	85	+static bool acs_on_downstream;
	86	+static bool acs_on_multifunction;
	87	+
	88	+#define NUM_ACS_IDS 16
	89	+struct acs_on_id {
	90	+ unsigned short vendor;
	91	+ unsigned short device;
	92	+};
	93	+static struct acs_on_id acs_on_ids[NUM_ACS_IDS];
	94	+static u8 max_acs_id;
	95	+
	96	+static __init int pcie_acs_override_setup(char *p)
	97	+{
	98	+ if (!p)
	99	+ return -EINVAL;
	100	+
	101	+ while (*p) {
	102	+ if (!strncmp(p, "downstream", 10))
	103	+ acs_on_downstream = true;
	104	+ if (!strncmp(p, "multifunction", 13))
	105	+ acs_on_multifunction = true;
	106	+ if (!strncmp(p, "id:", 3)) {
	107	+ char opt[5];
	108	+ int ret;
	109	+ long val;
	110	+
	111	+ if (max_acs_id >= NUM_ACS_IDS - 1) {
	112	+ pr_warn("Out of PCIe ACS override slots (%d)\n",
	113	+ NUM_ACS_IDS);
	114	+ goto next;
	115	+ }
	116	+
	117	+ p += 3;
	118	+ snprintf(opt, 5, "%s", p);
	119	+ ret = kstrtol(opt, 16, &val);
	120	+ if (ret) {
	121	+ pr_warn("PCIe ACS ID parse error %d\n", ret);
	122	+ goto next;
	123	+ }
	124	+ acs_on_ids[max_acs_id].vendor = val;
	125	+ p += strcspn(p, ":");
	126	+ if (*p != ':') {
	127	+ pr_warn("PCIe ACS invalid ID\n");
	128	+ goto next;
	129	+ }
	130	+
	131	+ p++;
	132	+ snprintf(opt, 5, "%s", p);
	133	+ ret = kstrtol(opt, 16, &val);
	134	+ if (ret) {
	135	+ pr_warn("PCIe ACS ID parse error %d\n", ret);
	136	+ goto next;
	137	+ }
	138	+ acs_on_ids[max_acs_id].device = val;
	139	+ max_acs_id++;
	140	+ }
	141	+next:
	142	+ p += strcspn(p, ",");
	143	+ if (*p == ',')
	144	+ p++;
	145	+ }
	146	+
	147	+ if (acs_on_downstream \|\| acs_on_multifunction \|\| max_acs_id)
	148	+ pr_warn("Warning: PCIe ACS overrides enabled; This may allow non-IOMMU protected peer-to-peer DMA\n");
	149	+
	150	+ return 0;
	151	+}
	152	+early_param("pcie_acs_override", pcie_acs_override_setup);
	153	+
	154	+static int pcie_acs_overrides(struct pci_dev *dev, u16 acs_flags)
	155	+{
	156	+ int i;
	157	+
	158	+ /* Never override ACS for legacy devices or devices with ACS caps */
	159	+ if (!pci_is_pcie(dev) \|\|
	160	+ pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ACS))
	161	+ return -ENOTTY;
	162	+
	163	+ for (i = 0; i < max_acs_id; i++)
	164	+ if (acs_on_ids[i].vendor == dev->vendor &&
	165	+ acs_on_ids[i].device == dev->device)
	166	+ return 1;
	167	+
	168	+ switch (pci_pcie_type(dev)) {
	169	+ case PCI_EXP_TYPE_DOWNSTREAM:
	170	+ case PCI_EXP_TYPE_ROOT_PORT:
	171	+ if (acs_on_downstream)
	172	+ return 1;
	173	+ break;
	174	+ case PCI_EXP_TYPE_ENDPOINT:
	175	+ case PCI_EXP_TYPE_UPSTREAM:
	176	+ case PCI_EXP_TYPE_LEG_END:
	177	+ case PCI_EXP_TYPE_RC_END:
	178	+ if (acs_on_multifunction && dev->multifunction)
	179	+ return 1;
	180	+ }
	181	+
	182	+ return -ENOTTY;
	183	+}
	184	+
	185	/*
	186	* Decoding should be disabled for a PCI device during BAR sizing to avoid
	187	* conflict. But doing so may cause problems on host bridge and perhaps other
	188	@@ -4927,6 +5027,8 @@ static const struct pci_dev_acs_enabled {
	189	{ PCI_VENDOR_ID_CAVIUM, 0xA060, pci_quirk_mf_endpoint_acs },
	190	/* APM X-Gene */
	191	{ PCI_VENDOR_ID_AMCC, 0xE004, pci_quirk_xgene_acs },
	192	+ /* Enable overrides for missing ACS capabilities */
	193	+ { PCI_ANY_ID, PCI_ANY_ID, pcie_acs_overrides },
	194	/* Ampere Computing */
	195	{ PCI_VENDOR_ID_AMPERE, 0xE005, pci_quirk_xgene_acs },
	196	{ PCI_VENDOR_ID_AMPERE, 0xE006, pci_quirk_xgene_acs },