Re: [PATCH v2 2/2] PCI: Add the enhanced ACS controls check to pci_acs_flags_enabled()
From: Wei Wang
Date: Mon Jan 26 2026 - 04:15:12 EST
On 1/23/26 10:51 PM, Jason Gunthorpe wrote:
On Fri, Jan 23, 2026 at 09:49:43AM +0800, Wei Wang wrote:
The enhanced ACS controls introduced by PCIe Gen 5 ensures better device
isolation. On devices that support the PCI_ACS_ECAP capability, the
controls are required to be enabled properly:
- ACS I/O Request Blocking needs to be enabled to avoid unintended
upstream I/O requests.
- ACS DSP and USP Memory Target Access Control needs to be set with
Request Redirect or Request Blocking to ensure the Downstream and
and Upstream Port memory resource ranges are not accessed by upstream
memory requests.
- ACS Unclaimed Request Redirect needs to be enabled to ensure accesses to
areas that lies within a Switch's Upstream Port memory apertures but not
within any Downstream Port memory apertures get redirected.
To maintain compatibility with legacy devices that lack PCI_ACS_ECAP
support, pci_acs_enabled() skips checking for the capability and logs a
warning to indicate that isolation may be incomplete.
That's every existing system, please don't do that.
The issue with ECAP is the way PCI SIG re-defined what Linux has been
doing forever as unsafe.
My viewpoint is that there are known bugs with the legacy ACS defined in PCIe Gen 4, and PCIe Gen 5 attempts to address them through new controls in the Enhanced Capability (ECAP). From the Linux perspective, we just need to adapt accordingly to ensure 'better' isolation.
That's why I was considering adding a warning log to inform users that these legacy bugs may still be present. In practice, these issues primarily affect virtual machine scenarios. The host kernel isn't impacted as the USP/DSP holes and MMIOs are marked as reserved regions, which are skipped during IOVA allocation.
The warning is intended to raise awareness for users, so they can make informed decisions about continuing with this setup.
Jason
Signed-off-by: Wei Wang <wei.w.wang@xxxxxxxxxxx>
---
drivers/pci/pci.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index c4cf835ec8ba..ff974ced90aa 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3527,6 +3527,56 @@ void pci_configure_ari(struct pci_dev *dev)
}
}
+static bool pci_dev_has_memory_bars(struct pci_dev *pdev)
+{
+ int i;
+
+ for (i = 0; i <= PCI_ROM_RESOURCE; i++) {
+ if (pci_resource_flags(pdev, i) & IORESOURCE_MEM)
+ return true;
+ }
+
+ return false;
+}
+
+static bool pci_acs_ecap_enabled(struct pci_dev *pdev, u16 ctrl)
+{
+ struct pci_dev *usp_pdev = pci_upstream_bridge(pdev);
+ u16 mask = PCI_ACS_DMAC_RB | PCI_ACS_DMAC_RR;
+
+ /*
+ * For ACS DSP/USP Memory Target Access Control, either Request
+ * Redirect or Request Blocking must be enabled to enforce isolation.
+ * According to PCIe spec 6.2, the DSP Memory Target Access is
+ * applicable to both Root Ports and Switch Upstream Ports that have
+ * applicable Memory BAR space to protect. So if the device does not
+ * have a Memory BAR, it skips the check.
+ */
This doesn't make sense, the special cases PCI sig clarified only have
to do with switches that have MMIO on their USP/DSP and a case where
the DSP aperture isn't covered by all the USPs.
Do you have a link to the clarification from PCI sig?
In PCIe Spec 7.0, the ACS DSP Memory Target Access Control field is still explicitly required for Root Ports and Switch Downstream Ports when the ACS Enhanced Capability bit is set
For USP Memory Target Access Control, the spec does not list Root Ports as requiring this field.
These tests shouldn't be done outside a usp/dsp context.
It might not be difficult to tweak the implementation for this (just skip Root Port in the check).
(Curious to read the clarification from PCI sig first)
You can look at what I drafted earlier here:
https://lore.kernel.org/all/0-v3-8827cc7fc4e0+23f-pcie_switch_groups_jgg@xxxxxxxxxx/
IIUC the implementation also applied the DSP Memory Target Access Control check to the Root Port?