From: Nicolin Chen <nicolinc@nvidia.com>
To: Bjorn Helgaas <helgaas@kernel.org>
Cc: Jason Gunthorpe <jgg@nvidia.com>,
Robin Murphy <robin.murphy@arm.com>, <joro@8bytes.org>,
<will@kernel.org>, <bhelgaas@google.com>, <iommu@lists.linux.dev>,
<linux-kernel@vger.kernel.org>, <linux-pci@vger.kernel.org>,
<patches@lists.linux.dev>, <pjaroszynski@nvidia.com>,
<vsethi@nvidia.com>
Subject: Re: [PATCH RFC v1 0/2] iommu&pci: Disable ATS during FLR resets
Date: Fri, 13 Jun 2025 14:10:15 -0700 [thread overview]
Message-ID: <aEyTtwcGLHq+ObVn@nvidia.com> (raw)
In-Reply-To: <20250613192709.GA971579@bhelgaas>
On Fri, Jun 13, 2025 at 02:27:09PM -0500, Bjorn Helgaas wrote:
> On Tue, Jun 10, 2025 at 01:30:45PM -0300, Jason Gunthorpe wrote:
> > On Tue, Jun 10, 2025 at 04:37:58PM +0100, Robin Murphy wrote:
> > > On 2025-06-09 7:45 pm, Nicolin Chen wrote:
> > > > Hi all,
> > > >
> > > > Per PCIe r6.3, sec 10.3.1 IMPLEMENTATION NOTE, software should disable ATS
> > > > before initiating a Function Level Reset, and then ensure no invalidation
> > > > requests being issued to a device when its ATS capability is disabled.
> > >
> > > Not really - what it says is that software should not expect to receive
> > > invalidate completions from a function which is in the process of being
> > > reset or powered off, and if software doesn't want to be confused by that
> > > then it should take care to wait for completion or timeout of all
> > > outstanding requests, and avoid issuing new requests, before initiating such
> > > a reset or power transition.
> >
> > The commit message can be more precise, but I agree with the
> > conclusion that the right direction for Linux is to disable and block
> > ATS, instead of trying to ignore completion time out events, or trying
> > to block page table mutations. Ie do what the implementation note
> > says..
> >
> > Maybe:
> >
> > PCIe permits a device to ignore ATS invalidation TLPs while it is
> > processing FLR. This creates a problem visible to the OS where ATS
> > invalidation commands will time out. For instance a SVA domain will
> > have no coordination with a FLR event and can racily issue ATC
> > invalidations into a resetting device.
>
> The sec 10.3.1 implementation note mentions FLR specifically, but it
> seems like *any* kind of reset would be vulnerable, e.g., SBR,
> external PERST# assert, etc?
Yes. I forgot to put a question mark in the cover-letter, asking
whether other reset routines would or not need the same trick.
So, let's apply this to all the pci_reset_fn_methods.reset_fns?
Thanks
Nicolin
next prev parent reply other threads:[~2025-06-13 21:10 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-09 18:45 [PATCH RFC v1 0/2] iommu&pci: Disable ATS during FLR resets Nicolin Chen
2025-06-09 18:45 ` [PATCH RFC v1 1/2] iommu: Introduce iommu_dev_reset_prepare() and iommu_dev_reset_done() Nicolin Chen
2025-06-10 4:26 ` Baolu Lu
2025-06-10 7:07 ` Nicolin Chen
2025-06-10 13:04 ` Jason Gunthorpe
2025-06-10 14:40 ` Robin Murphy
2025-06-10 15:36 ` Jason Gunthorpe
2025-06-10 16:31 ` Robin Murphy
2025-06-10 16:43 ` Jason Gunthorpe
2025-06-10 20:19 ` Nicolin Chen
2025-06-10 23:41 ` Jason Gunthorpe
2025-06-10 11:13 ` kernel test robot
2025-06-09 18:45 ` [PATCH RFC v1 2/2] pci: Suspend ATS before doing FLR Nicolin Chen
2025-06-10 4:27 ` Baolu Lu
2025-06-10 6:55 ` Nicolin Chen
2025-06-10 15:37 ` [PATCH RFC v1 0/2] iommu&pci: Disable ATS during FLR resets Robin Murphy
2025-06-10 16:30 ` Jason Gunthorpe
2025-06-10 20:36 ` Nicolin Chen
2025-06-10 23:43 ` Jason Gunthorpe
2025-06-13 19:27 ` Bjorn Helgaas
2025-06-13 21:10 ` Nicolin Chen [this message]
2025-06-16 13:09 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aEyTtwcGLHq+ObVn@nvidia.com \
--to=nicolinc@nvidia.com \
--cc=bhelgaas@google.com \
--cc=helgaas@kernel.org \
--cc=iommu@lists.linux.dev \
--cc=jgg@nvidia.com \
--cc=joro@8bytes.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=patches@lists.linux.dev \
--cc=pjaroszynski@nvidia.com \
--cc=robin.murphy@arm.com \
--cc=vsethi@nvidia.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.