From: sashiko-bot@kernel.org
To: "Wei Wang" <wei.w.wang@hotmail.com>
Cc: linux-pci@vger.kernel.org
Subject: Re: [PATCH v7 5/6] PCI: Enable the enhanced ACS controls introduced by PCI_ACS_ECAP
Date: Wed, 06 May 2026 21:32:19 +0000 [thread overview]
Message-ID: <20260506213219.ED7C6C2BCB0@smtp.kernel.org> (raw)
In-Reply-To: <SI2PR01MB4393F6FB65CF0A46E8E89B86DC3F2@SI2PR01MB4393.apcprd01.prod.exchangelabs.com>
Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [High] The `config_acs=` boot parameter parser incorrectly validates the newly added ACS Enhanced Capability controls (bits 8-12), unconditionally rejecting valid configurations and bypassing administrator-defined isolation policies.
--
commit 7640f1b4b51e699ac56a5798f5e8dbb9114e4b25
Author: Wei Wang <wei.w.wang@hotmail.com>
PCI: Enable the enhanced ACS controls introduced by PCI_ACS_ECAP
The ACS Enhanced Capability introduces several new access controls to
improve device isolation. These new controls are particularly important
for device passthrough in virtualization scenarios.
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 0c159ab59e14b..32e82859089c8 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -5265,13 +5265,22 @@ Kernel parameters
> flags.
>
> ACS Flags is defined as follows:
> - bit-0 : ACS Source Validation
> - bit-1 : ACS Translation Blocking
> - bit-2 : ACS P2P Request Redirect
> - bit-3 : ACS P2P Completion Redirect
> - bit-4 : ACS Upstream Forwarding
> - bit-5 : ACS P2P Egress Control
> - bit-6 : ACS Direct Translated P2P
> + bit-0 : ACS Source Validation
> + bit-1 : ACS Translation Blocking
> + bit-2 : ACS P2P Request Redirect
> + bit-3 : ACS P2P Completion Redirect
> + bit-4 : ACS Upstream Forwarding
> + bit-5 : ACS P2P Egress Control
> + bit-6 : ACS Direct Translated P2P
> + bit-7 : ACS I/O Request Blocking
> + bit-9:8 : ACS DSP Memory Target Access Ctrl
> + 00 : Direct Request access enabled
> + 01 : Request blocking enabled
> + 10 : Request redirect enabled
> + 11 : Reserved
> + bit-11:10 : ACS USP Memory Target Access Ctrl
> + Same encoding as bit-9:8
> + bit-12 : ACS Unclaimed Request Redirect Ctrl
> Each bit can be marked as:
> '0' – force disabled
> '1' – force enabled
Does this configuration introduce a regression where valid inputs for bits 8
through 12 are unconditionally rejected?
Looking at the parser in drivers/pci/pci.c:pci_param_config_acs(), it validates
the requested bits against the hardware capabilities:
u16 shift = 0, max_shift = fls(dev->acs_capabilities) - 1;
...
if (shift > max_shift) {
pci_err(dev, "ACS flag bit %d exceed range %d\n",
shift, max_shift);
return;
}
...
if (enabled_bits & ~dev->acs_capabilities) {
pci_err(dev, "Invalid ACS enable flags specified: %#06x\n",
(u16)(enabled_bits & ~dev->acs_capabilities));
return;
}
Since bits 8 through 15 of the ACS Capability Register represent the Egress
Control Vector Size rather than capability flags, validating bits 8-12 against
dev->acs_capabilities appears to be incorrect.
If the Egress Control Vector Size is 0, max_shift will be 7, and the parser
will reject any attempt to configure bits 8 through 12. If it is non-zero, the
bitwise validation will fail unpredictably depending on the size value.
Will this cause the requested administrator-defined isolation policies to be
bypassed?
[ ... ]
--
Sashiko AI review · https://sashiko.dev/#/patchset/SI2PR01MB439385689A32A1DDA9CEABE1DC3F2@SI2PR01MB4393.apcprd01.prod.exchangelabs.com?part=5
next prev parent reply other threads:[~2026-05-06 21:32 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-06 14:10 [PATCH v7 0/6] PCI: Add support for ACS Enhanced Capability Wei Wang
2026-05-06 14:10 ` [PATCH v7 1/6] PCI: Validate ACS enable flags against device-specific ACS capabilities Wei Wang
2026-05-06 20:01 ` sashiko-bot
2026-05-06 14:10 ` [PATCH v7 2/6] Documentation/kernel-parameters: Add multi-device config_acs example Wei Wang
2026-05-06 20:12 ` sashiko-bot
2026-05-06 22:06 ` Randy Dunlap
2026-05-07 13:45 ` Wei Wang
2026-05-06 14:10 ` [PATCH v7 3/6] PCI: Consolidate delimiter handling into pci_dev_str_match() Wei Wang
2026-05-06 16:13 ` Wei Wang
2026-05-06 20:37 ` sashiko-bot
2026-05-06 14:10 ` [PATCH v7 4/6] PCI: Refactor disable_acs_redir and config_acs param handling Wei Wang
2026-05-06 21:07 ` sashiko-bot
2026-05-06 14:10 ` [PATCH v7 5/6] PCI: Enable the enhanced ACS controls introduced by PCI_ACS_ECAP Wei Wang
2026-05-06 21:32 ` sashiko-bot [this message]
2026-05-06 14:10 ` [PATCH v7 6/6] PCI: Add the enhanced ACS controls check to pci_acs_flags_enabled() Wei Wang
2026-05-06 21:57 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260506213219.ED7C6C2BCB0@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=sashiko@lists.linux.dev \
--cc=wei.w.wang@hotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox