From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6BBBC001DC for ; Sun, 30 Jul 2023 19:46:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229530AbjG3TqW (ORCPT ); Sun, 30 Jul 2023 15:46:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48896 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229477AbjG3TqS (ORCPT ); Sun, 30 Jul 2023 15:46:18 -0400 X-Greylist: delayed 327 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Sun, 30 Jul 2023 12:45:55 PDT Received: from bmailout3.hostsharing.net (bmailout3.hostsharing.net [IPv6:2a01:4f8:150:2161:1:b009:f23e:0]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ACFC119BB; Sun, 30 Jul 2023 12:45:55 -0700 (PDT) Received: from h08.hostsharing.net (h08.hostsharing.net [IPv6:2a01:37:1000::53df:5f1c:0]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "*.hostsharing.net", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK)) by bmailout3.hostsharing.net (Postfix) with ESMTPS id 00F7D100D5860; Sun, 30 Jul 2023 21:40:27 +0200 (CEST) Received: by h08.hostsharing.net (Postfix, from userid 100393) id B5CD2120C49; Sun, 30 Jul 2023 21:40:26 +0200 (CEST) Date: Sun, 30 Jul 2023 21:40:26 +0200 From: Lukas Wunner To: Vidya Sagar Cc: bhelgaas@google.com, alex.williamson@redhat.com, treding@nvidia.com, jonathanh@nvidia.com, linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org, vsethi@nvidia.com, kthota@nvidia.com, mmaddireddy@nvidia.com, sagar.tv@gmail.com Subject: Re: [PATCH V3] PCI: pciehp: Disable ACS Source Validation during hot-remove Message-ID: <20230730194026.GA19962@wunner.de> References: <20230111190533.29979-1-vidyas@nvidia.com> <20230730191519.3124390-1-vidyas@nvidia.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230730191519.3124390-1-vidyas@nvidia.com> User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-pci@vger.kernel.org On Mon, Jul 31, 2023 at 12:45:19AM +0530, Vidya Sagar wrote: > PCIe 6.0, 6.12.1.1 specifies that downstream devices are permitted to > send upstream messages before they have been assigned a bus number and > such messages have a Requester ID with Bus number set to 00h. > If the Downstream port has ACS Source Validation enabled, these messages > will be detected as ACS violation error. > > Hence, disable ACS Source Validation in the bridge device during > hot-remove operation and re-enable it after enumeration of the > downstream hierarchy but before binding the respective device drivers. What are these messages that are sent before assignment of a bus number? What's the user-visible issue that occurs when they're blocked? Doesn't disabling Source Validation introduce a security hole because the device may spoof messages before Source Validation is re-enabled? PCIe r6.1 sec 6.12.1.1 does indeed point out that the downstream device is *permitted* to send these messages but the Implementation Note does *not* prescribe that Source Validation shall be disabled to let them through. It merely points out that the messages may be filtered if Source Validation is enabled. Thanks, Lukas