lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 18 Sep 2020 09:27:40 -0600
From:   Rob Herring <robh@...nel.org>
To:     "Z.q. Hou" <zhiqiang.hou@....com>
Cc:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        PCI <linux-pci@...r.kernel.org>,
        Lorenzo Pieralisi <lorenzo.pieralisi@....com>,
        Bjorn Helgaas <bhelgaas@...gle.com>,
        Gustavo Pimentel <gustavo.pimentel@...opsys.com>,
        Michael Walle <michael@...le.cc>,
        Ard Biesheuvel <ardb@...nel.org>
Subject: Re: [PATCH] PCI: dwc: Added link up check in map_bus of dw_child_pcie_ops

On Fri, Sep 18, 2020 at 5:02 AM Z.q. Hou <zhiqiang.hou@....com> wrote:
>
> Hi Rob,
>
> Thanks a lot for your comments!
>
> > -----Original Message-----
> > From: Rob Herring <robh@...nel.org>
> > Sent: 2020年9月17日 4:29
> > To: Z.q. Hou <zhiqiang.hou@....com>
> > Cc: linux-kernel@...r.kernel.org; PCI <linux-pci@...r.kernel.org>; Lorenzo
> > Pieralisi <lorenzo.pieralisi@....com>; Bjorn Helgaas
> > <bhelgaas@...gle.com>; Gustavo Pimentel
> > <gustavo.pimentel@...opsys.com>; Michael Walle <michael@...le.cc>;
> > Ard Biesheuvel <ardb@...nel.org>
> > Subject: Re: [PATCH] PCI: dwc: Added link up check in map_bus of
> > dw_child_pcie_ops
> >
> > On Tue, Sep 15, 2020 at 11:49 PM Zhiqiang Hou <Zhiqiang.Hou@....com>
> > wrote:
> > >
> > > From: Hou Zhiqiang <Zhiqiang.Hou@....com>
> > >
> > > On NXP Layerscape platforms, it results in SError in the enumeration
> > > of the PCIe controller, which is not connecting with an Endpoint
> > > device. And it doesn't make sense to enumerate the Endpoints when the
> > > PCIe link is down. So this patch added the link up check to avoid to
> > > fire configuration transactions on link down bus.
> >
> > Michael reported the same issue as well.
> >
> > What happens if the link goes down between the check and the access?
>
> This patch cannot cover this case, and will get the SError.
> But I think it makes sense to avoid firing transactions on link down bus.

That's impossible to do without a race even in h/w.

> > It's a racy check. I'd like to find an alternative solution. It's even worse if
> > Layerscape is used in ECAM mode. I looked at the EDK2 setup for
> > layerscape[1] and it looks like root ports are just skipped if link is down.
> > Maybe a link down just never happens once up, but if so, then we only need
> > to check it once and fail probe.
>
> Many customers connect the FPGA Endpoint, which may establish PCIe link
> after the PCIe enumeration and then rescan the PCIe bus, so I think it should
> not exit the probe of root port even if there is not link up during enumeration.

That's a good reason. I want to unify the behavior here as it varies
per platform currently and wasn't sure which way to go.


> > I've dug into this a bit more and am curious about the PCIE_ABSERR register
> > setting which is set to:
> >
> > #define PCIE_ABSERR_SETTING 0x9401 /* Forward error of non-posted
> > request */
> >
> > It seems to me this is not what we want at least for config accesses, but
> > commit 84d897d6993 where this was added seems to say otherwise. Is it not
> > possible to configure the response per access type?
>
> Thanks a lot for your investigation!
> The story is like this: Some customers worry about these silent error (DWC PCIe
> IP won't forward the error of outbound non-post request by default), so we
> were pushed to enable the error forwarding to AXI in the commit
> 84d897d6993 as you saw. But it cannot differentiate the config transactions
> from the MEM_rd, except the Vendor ID access, which is controlled by
> a separate bit and it was set to not forward error of access of Vendor ID.
> So we think it's okay to enable the error forwarding, the SError should not
> occur, because after the enumeration it won't access the non-existent functions.

We've rejected upstream support for platforms aborting on config
accesses[1]. I think there's clear consensus that aborting is the
wrong behavior.

Do MEM_wr errors get forwarded? Seems like that would be enough. Also,
wouldn't page faults catch most OOB accesses anyways? You need things
page aligned anyways with an IOMMU and doing userspace access or guest
assignment.

Here's another idea, how about only enabling forwarding errors if the
link is up? If really would need to be configured any time the link
state changes rather than just at probe. I'm not sure if you have a
way to disable it on link down though.

Rob

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ