lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a0b070b7-14ce-7cc5-4e6c-6e15f3fcab75@linux.intel.com>
Date: Wed, 7 Feb 2024 14:33:58 +0200 (EET)
From: Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>
To: "Maciej W. Rozycki" <macro@...am.me.uk>, 
    Bjorn Helgaas <helgaas@...nel.org>
cc: linux-pci@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>, 
    Mika Westerberg <mika.westerberg@...ux.intel.com>
Subject: Re: [PATCH 1/2] PCI: Clear LBMS on resume to avoid Target Speed
 quirk

On Fri, 2 Feb 2024, Ilpo Järvinen wrote:
> On Thu, 1 Feb 2024, Maciej W. Rozycki wrote:
> > On Thu, 1 Feb 2024, Ilpo Järvinen wrote:
> >
> > > > >  What kind of scenario does the LBMS bit get set in that you have a 
> > > > > trouble with?  You write that in your case the downstream device has been 
> > > > > disconnected while the bug hierarchy was suspended and it is not present 
> > > > > anymore at resume, is that correct?
> > > > >
> > > > >  But in that case no link negotiation could have been possible and 
> > > > > consequently the LBMS bit mustn't have been set by hardware (according to 
> > > > > my understanding of PCIe), because (for compliant, non-broken devices 
> > > > > anyway) it is only specified to be set for ports that can communicate with 
> > > > > the other link end (the spec explicitly says there mustn't have been a 
> > > > > transition through the DL_Down status for the port).
> > > > >
> > > > >  Am I missing something?
> > > > 
> > > > Yes, when resuming the device is already gone but the bridge still has 
> > > > LBMS set. My understanding is that it was set because it was there
> > > > from pre-suspend time but I've not really taken a deep look into it 
> > > > because the problem and fix seemed obvious.
> > 
> >  I've always been confused with the suspend/resume terminology: I'd have 
> > assumed this would have gone through a power cycle, in which case the LBMS 
> > bit would have necessarily been cleared in the transition, because its 
> > required state at power-up/reset is 0, so the value of 1 observed would be 
> > a result of what has happened solely through the resume stage.  Otherwise 
> > it may make sense to clear the bit in the course of the suspend stage, 
> > though it wouldn't be race-free I'm afraid.
> 
> I also thought suspend as one possibility but yes, it racy. Mika also 
> suggested clearing LBMS after each successful retrain but that wouldn't 
> cover all possible ways to get LBMS set as devices can set it 
> independently of OS. Keeping it cleared constantly is pretty much what 
> will happen with the bandwidth controller anyway.
> 
> > > > I read that "without the Port transitioning through DL_Down status" 
> > > > differently than you, I only interpret that it relates to the two 
> > > > bullets following it. ...So if retrain bit is set, and link then goes 
> > > > down, the bullet no longer applies and LBMS should not be set because 
> > > > there was transition through DL_Down. But I could well be wrong...
> > 
> > What I refer to is that if you suspend your system, remove the device 
> > that originally caused the quirk to trigger and then resume your system 
> > with the device absent,
> 
> A small correction here, the quirk didn't trigger initially for the 
> device, it does that only after resume. And even then quirk is called 
> only because the link doesn't come up.
> 
> On longer term, I'd actually want to have hotplug resumed earlier so the 
> disconnect could be detected before/while all this waiting related to link 
> up is done. But that's very complicated to realize in practice because 
> hotplug lurks behind portdrv so resuming it earlier isn't going to be 
> about just moving a few lines around.
> 
> > then LBMS couldn't have been set in the course of 
> > resume, because the port couldn't have come out of the DL_Down status in 
> > the absence of the downstream device.  Do you interpret it differently?
> 
> That's a good question and I don't have an answer to this yet, that is,
> I don't fully understand what happens to those device during runtime 
> suspend/resume cycle and what is the exact mechanism that preserves the 
> LBMS bit, I'll look more into it.
> 
> But I agree that if the device goes cold enough and downstream is 
> disconnected, the port should no longer have a way to reassert LBMS.

It seems that the root cause here is that the bridge ports do not enter 
D3cold but remain in D3hot because of an ACPI power resource that is 
shared (with Thunderbolt in this case but that's just one example, there 
could be other similar sharings outside of what PCI controls).

There is an attempt to power off the entire hierarchy into D3cold on 
suspend but the ports won't reach that state. Because the port remains in 
D3hot, the config space is preserved and LBMS bit along with it.

So it seems that we cannot make the assumption that a device enters D3cold 
just because it was suspended.


On the positive side, it was also tested that the logic fix I sent earlier 
solved the most visible problem which is the delay on resume. It doesn't 
address the false activation of Target Speed quirk because LBMS bit is 
still set but the symptoms are no longer the same because of the 
corrected logic.

So to solve the main issue with delay, there's no need to clear the LBMS 
and the patch you're preparing/testing for pcie_failed_link_retrain()
together with the logic fix on its caller are enough to address the first 
issue.

I still think those two should be put into the same commit because the
true <-> false changes, if made separately, lead to additional
incoherent states but if Bjorn wants them separately, at least they 
should be put back-to-back so the brokeness is just within a single 
commit in the history.

In addition, my 2nd patch addresses another issue which is unrelated 
to this despite similar symptoms with extra delay on resume. I'll send v2 
of that 2nd path separately with the inverted return value.

> > > Because if it is constantly picking another speed, it would mean you get 
> > > LBMS set over and over again, no? If that happens 34-35 times per second, 
> > > it should be set already again when we get into that quirk because there 
> > > was some wait before it gets called.
> > 
> >  I'll see if I can experiment with the hardware over the next couple of 
> > days and come back with my findings.
> 
> Okay thanks.

One point I'd be very interested to know if the link actually comes up 
successfully (even if briefly) because this has large implications whether 
the quirk can actually be invoked from the bandwidth controller code.


-- 
 i.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ