From: sashiko-bot@kernel.org
To: "Wei Wang" <wei.w.wang@hotmail.com>
Cc: linux-pci@vger.kernel.org
Subject: Re: [PATCH v7 5/6] PCI: Enable the enhanced ACS controls introduced by PCI_ACS_ECAP
Date: Wed, 06 May 2026 21:32:19 +0000 [thread overview]
Message-ID: <20260506213219.ED7C6C2BCB0@smtp.kernel.org> (raw)
In-Reply-To: <SI2PR01MB4393F6FB65CF0A46E8E89B86DC3F2@SI2PR01MB4393.apcprd01.prod.exchangelabs.com>
Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [High] The `config_acs=` boot parameter parser incorrectly validates the newly added ACS Enhanced Capability controls (bits 8-12), unconditionally rejecting valid configurations and bypassing administrator-defined isolation policies.
--
commit 7640f1b4b51e699ac56a5798f5e8dbb9114e4b25
Author: Wei Wang <wei.w.wang@hotmail.com>
PCI: Enable the enhanced ACS controls introduced by PCI_ACS_ECAP
The ACS Enhanced Capability introduces several new access controls to
improve device isolation. These new controls are particularly important
for device passthrough in virtualization scenarios.
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 0c159ab59e14b..32e82859089c8 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -5265,13 +5265,22 @@ Kernel parameters
> flags.
>
> ACS Flags is defined as follows:
> - bit-0 : ACS Source Validation
> - bit-1 : ACS Translation Blocking
> - bit-2 : ACS P2P Request Redirect
> - bit-3 : ACS P2P Completion Redirect
> - bit-4 : ACS Upstream Forwarding
> - bit-5 : ACS P2P Egress Control
> - bit-6 : ACS Direct Translated P2P
> + bit-0 : ACS Source Validation
> + bit-1 : ACS Translation Blocking
> + bit-2 : ACS P2P Request Redirect
> + bit-3 : ACS P2P Completion Redirect
> + bit-4 : ACS Upstream Forwarding
> + bit-5 : ACS P2P Egress Control
> + bit-6 : ACS Direct Translated P2P
> + bit-7 : ACS I/O Request Blocking
> + bit-9:8 : ACS DSP Memory Target Access Ctrl
> + 00 : Direct Request access enabled
> + 01 : Request blocking enabled
> + 10 : Request redirect enabled
> + 11 : Reserved
> + bit-11:10 : ACS USP Memory Target Access Ctrl
> + Same encoding as bit-9:8
> + bit-12 : ACS Unclaimed Request Redirect Ctrl
> Each bit can be marked as:
> '0' – force disabled
> '1' – force enabled
Does this configuration introduce a regression where valid inputs for bits 8
through 12 are unconditionally rejected?
Looking at the parser in drivers/pci/pci.c:pci_param_config_acs(), it validates
the requested bits against the hardware capabilities:
u16 shift = 0, max_shift = fls(dev->acs_capabilities) - 1;
...
if (shift > max_shift) {
pci_err(dev, "ACS flag bit %d exceed range %d\n",
shift, max_shift);
return;
}
...
if (enabled_bits & ~dev->acs_capabilities) {
pci_err(dev, "Invalid ACS enable flags specified: %#06x\n",
(u16)(enabled_bits & ~dev->acs_capabilities));
return;
}
Since bits 8 through 15 of the ACS Capability Register represent the Egress
Control Vector Size rather than capability flags, validating bits 8-12 against
dev->acs_capabilities appears to be incorrect.
If the Egress Control Vector Size is 0, max_shift will be 7, and the parser
will reject any attempt to configure bits 8 through 12. If it is non-zero, the
bitwise validation will fail unpredictably depending on the size value.
Will this cause the requested administrator-defined isolation policies to be
bypassed?
[ ... ]
--
Sashiko AI review · https://sashiko.dev/#/patchset/SI2PR01MB439385689A32A1DDA9CEABE1DC3F2@SI2PR01MB4393.apcprd01.prod.exchangelabs.com?part=5
next prev parent reply other threads:[~2026-05-06 21:32 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-06 14:10 [PATCH v7 0/6] PCI: Add support for ACS Enhanced Capability Wei Wang
2026-05-06 14:10 ` [PATCH v7 1/6] PCI: Validate ACS enable flags against device-specific ACS capabilities Wei Wang
2026-05-06 20:01 ` sashiko-bot
2026-05-06 14:10 ` [PATCH v7 2/6] Documentation/kernel-parameters: Add multi-device config_acs example Wei Wang
2026-05-06 20:12 ` sashiko-bot
2026-05-06 22:06 ` Randy Dunlap
2026-05-07 13:45 ` Wei Wang
2026-05-06 14:10 ` [PATCH v7 3/6] PCI: Consolidate delimiter handling into pci_dev_str_match() Wei Wang
2026-05-06 16:13 ` Wei Wang
2026-05-06 20:37 ` sashiko-bot
2026-05-06 14:10 ` [PATCH v7 4/6] PCI: Refactor disable_acs_redir and config_acs param handling Wei Wang
2026-05-06 21:07 ` sashiko-bot
2026-05-13 10:09 ` Wei Wang
2026-05-06 14:10 ` [PATCH v7 5/6] PCI: Enable the enhanced ACS controls introduced by PCI_ACS_ECAP Wei Wang
2026-05-06 21:32 ` sashiko-bot [this message]
2026-05-06 14:10 ` [PATCH v7 6/6] PCI: Add the enhanced ACS controls check to pci_acs_flags_enabled() Wei Wang
2026-05-06 21:57 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260506213219.ED7C6C2BCB0@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=sashiko@lists.linux.dev \
--cc=wei.w.wang@hotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.