From: Bjorn Helgaas <helgaas@kernel.org>
To: Jason Gunthorpe <jgg@ziepe.ca>
Cc: Manivannan Sadhasivam <mani@kernel.org>,
Manivannan Sadhasivam <manivannan.sadhasivam@oss.qualcomm.com>,
Bjorn Helgaas <bhelgaas@google.com>,
linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org,
iommu@lists.linux.dev, Naresh Kamboju <naresh.kamboju@linaro.org>,
Pavankumar Kondeti <quic_pkondeti@quicinc.com>,
Xingang Wang <wangxingang5@huawei.com>,
Marek Szyprowski <m.szyprowski@samsung.com>,
Robin Murphy <robin.murphy@arm.com>,
Alex Williamson <alex@shazbot.org>,
James Puthukattukaran <james.puthukattukaran@oracle.com>
Subject: Re: [PATCH v3 3/4] PCI: Disable ACS SV capability for the broken IDT switches
Date: Fri, 6 Feb 2026 08:46:51 -0600 [thread overview]
Message-ID: <20260206144651.GA57945@bhelgaas> (raw)
In-Reply-To: <20260206143014.GH943673@ziepe.ca>
On Fri, Feb 06, 2026 at 10:30:14AM -0400, Jason Gunthorpe wrote:
> On Fri, Feb 06, 2026 at 02:41:36PM +0530, Manivannan Sadhasivam wrote:
> > > It'd be worth expanding on this and what the effect of avoiding
> > > ACS SV is. Does this change which devices can be safely passed
> > > through to virtual guests? Does it give up isolation that users
> > > expect?
> >
> > IMO, ACS SV is somewhat broken on this switch. But we can still
> > passthrough the downstream devices to the guests. There won't be
> > ACS SV apparently, but that's what users will get with broken hw.
>
> I agree with this, the HW is very broken, let's have it at least
> work properly in Linux on bare metal out of the box.
I'm assuming the bare metal part could be done by something like this:
@@ -2555,7 +2555,7 @@ bool pci_bus_read_dev_vendor_id(struct pci_bus *bus, int devfn, u32 *l,
* ACS Source Validation errors on completions for config reads.
*/
if (bridge && bridge->vendor == PCI_VENDOR_ID_IDT &&
- bridge->device == 0x80b5)
+ (bridge->device == 0x80b5 || bridge->device == 0x8090)
return pci_idt_bus_quirk(bus, devfn, l, timeout);
> If someone really insists they need virtualization with narrow
> groups on this HW then they need to come with a more complete fix.
> Using VFIO is going to open up the reset flows that are problematic
> with the current solution, so it isn't like that is already working
> fully.
IIUC the current situation is that for these IDT switches, ACS SV is
enabled when downstream devices are passed through to guests, but
after these patches, it will no longer be enabled.
So my question is whether users are giving up some isolation. If so,
should we even allow devices to be passed through to guests? If we do
allow that, do users have any indication that they're not getting what
they expect?
next prev parent reply other threads:[~2026-02-06 14:46 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-02 15:34 [PATCH v3 0/4] PCI: Fix ACS enablement for Root Ports in OF platforms Manivannan Sadhasivam via B4 Relay
2026-01-02 15:34 ` [PATCH v3 1/4] PCI: Enable ACS only after configuring IOMMU for " Manivannan Sadhasivam via B4 Relay
2026-02-04 23:33 ` Bjorn Helgaas
2026-02-06 9:18 ` Manivannan Sadhasivam
2026-02-06 15:37 ` Robin Murphy
2026-04-03 16:45 ` Regression " Jon Kohler
2026-04-03 16:52 ` Manivannan Sadhasivam
2026-04-03 16:47 ` Jon Kohler
2026-01-02 15:34 ` [PATCH v3 2/4] PCI: Cache ACS capabilities Manivannan Sadhasivam via B4 Relay
2026-01-02 15:34 ` [PATCH v3 3/4] PCI: Disable ACS SV capability for the broken IDT switches Manivannan Sadhasivam via B4 Relay
2026-02-05 23:39 ` Bjorn Helgaas
2026-02-06 9:11 ` Manivannan Sadhasivam
2026-02-06 14:30 ` Jason Gunthorpe
2026-02-06 14:43 ` Robin Murphy
2026-02-06 14:46 ` Bjorn Helgaas [this message]
2026-02-06 14:52 ` Jason Gunthorpe
2026-02-06 15:05 ` Bjorn Helgaas
2026-02-06 15:07 ` Jason Gunthorpe
2026-01-02 15:34 ` [PATCH v3 4/4] PCI: Extend the pci_disable_broken_acs_cap() quirk for one more IDT switch Manivannan Sadhasivam via B4 Relay
2026-01-29 17:42 ` [PATCH v3 0/4] PCI: Fix ACS enablement for Root Ports in OF platforms Manivannan Sadhasivam
2026-01-29 18:06 ` Jason Gunthorpe
2026-02-06 18:32 ` Bjorn Helgaas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260206144651.GA57945@bhelgaas \
--to=helgaas@kernel.org \
--cc=alex@shazbot.org \
--cc=bhelgaas@google.com \
--cc=iommu@lists.linux.dev \
--cc=james.puthukattukaran@oracle.com \
--cc=jgg@ziepe.ca \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mani@kernel.org \
--cc=manivannan.sadhasivam@oss.qualcomm.com \
--cc=naresh.kamboju@linaro.org \
--cc=quic_pkondeti@quicinc.com \
--cc=robin.murphy@arm.com \
--cc=wangxingang5@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox