From: Jason Gunthorpe <jgg@nvidia.com>
To: Yi Liu <yi.l.liu@intel.com>
Cc: Nicolin Chen <nicolinc@nvidia.com>,
will@kernel.org, robin.murphy@arm.com, bhelgaas@google.com,
joro@8bytes.org, praan@google.com, baolu.lu@linux.intel.com,
kevin.tian@intel.com, miko.lenczewski@arm.com,
linux-arm-kernel@lists.infradead.org, iommu@lists.linux.dev,
linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org,
dan.j.williams@intel.com, jonathan.cameron@huawei.com,
vsethi@nvidia.com, linux-cxl@vger.kernel.org, nirmoyd@nvidia.com
Subject: Re: [PATCH v4 1/3] PCI: Allow ATS to be always on for CXL.cache capable devices
Date: Thu, 21 May 2026 10:05:44 -0300 [thread overview]
Message-ID: <20260521130544.GE3602937@nvidia.com> (raw)
In-Reply-To: <80e7e1be-c384-470f-9949-8c0dbad165ac@intel.com>
On Thu, May 21, 2026 at 03:31:46PM +0800, Yi Liu wrote:
> Does this hardware behavior satisfy the security expectation you have in
> mind? Or do you still require that both the DTE bit and the PCI ATS
> capability be explicitly disabled when a blocking domain is in effect?
If the HW rejects translated TLPs then you should be clearing the ATS
enable bit in the device config space prior to rejecting them
But it does seem secure enough as-is.
Jason
next prev parent reply other threads:[~2026-05-21 13:06 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-27 5:53 [PATCH v4 0/3] Allow ATS to be always on for certain ATS-capable devices Nicolin Chen
2026-04-27 5:54 ` [PATCH v4 1/3] PCI: Allow ATS to be always on for CXL.cache capable devices Nicolin Chen
2026-04-27 16:31 ` Dave Jiang
2026-04-30 21:41 ` Dan Williams (nvidia)
2026-04-30 23:28 ` Nicolin Chen
2026-05-01 23:27 ` Dan Williams (nvidia)
2026-05-01 23:46 ` Jason Gunthorpe
2026-05-02 0:19 ` Dan Williams (nvidia)
2026-05-19 19:36 ` Bjorn Helgaas
2026-05-19 22:23 ` Jason Gunthorpe
2026-05-19 23:48 ` Bjorn Helgaas
2026-05-20 0:05 ` Jason Gunthorpe
2026-05-20 1:04 ` Nicolin Chen
2026-05-20 14:20 ` Jason Gunthorpe
2026-05-20 17:29 ` Nicolin Chen
2026-05-20 17:47 ` Bjorn Helgaas
2026-05-20 17:56 ` Jason Gunthorpe
2026-05-20 13:12 ` Yi Liu
2026-05-20 14:34 ` Jason Gunthorpe
2026-05-21 7:31 ` Yi Liu
2026-05-21 13:05 ` Jason Gunthorpe [this message]
2026-04-27 5:54 ` [PATCH v4 2/3] PCI: Allow ATS to be always on for pre-CXL devices Nicolin Chen
2026-04-27 16:32 ` Dave Jiang
2026-05-20 13:12 ` Yi Liu
2026-05-20 17:50 ` Bjorn Helgaas
2026-05-20 17:53 ` Jason Gunthorpe
2026-04-27 5:54 ` [PATCH v4 3/3] iommu/arm-smmu-v3: Allow ATS to be always on Nicolin Chen
2026-04-27 16:37 ` Dave Jiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260521130544.GE3602937@nvidia.com \
--to=jgg@nvidia.com \
--cc=baolu.lu@linux.intel.com \
--cc=bhelgaas@google.com \
--cc=dan.j.williams@intel.com \
--cc=iommu@lists.linux.dev \
--cc=jonathan.cameron@huawei.com \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=miko.lenczewski@arm.com \
--cc=nicolinc@nvidia.com \
--cc=nirmoyd@nvidia.com \
--cc=praan@google.com \
--cc=robin.murphy@arm.com \
--cc=vsethi@nvidia.com \
--cc=will@kernel.org \
--cc=yi.l.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox