Re: [PATCH v4 1/3] PCI: Allow ATS to be always on for CXL.cache capable devices

public inbox for linux-arm-kernel@lists.infradead.org 
 help / color / mirror / Atom feed

From: Yi Liu <yi.l.liu@intel•com>
To: Nicolin Chen <nicolinc@nvidia•com>, <jgg@nvidia•com>,
	<will@kernel•org>, <robin.murphy@arm•com>, <bhelgaas@google•com>
Cc: <joro@8bytes•org>, <praan@google•com>, <baolu.lu@linux•intel.com>,
	<kevin.tian@intel•com>, <miko.lenczewski@arm•com>,
	<linux-arm-kernel@lists•infradead.org>, <iommu@lists•linux.dev>,
	<linux-kernel@vger•kernel.org>, <linux-pci@vger•kernel.org>,
	<dan.j.williams@intel•com>, <jonathan.cameron@huawei•com>,
	<vsethi@nvidia•com>, <linux-cxl@vger•kernel.org>,
	<nirmoyd@nvidia•com>
Subject: Re: [PATCH v4 1/3] PCI: Allow ATS to be always on for CXL.cache capable devices
Date: Wed, 20 May 2026 21:12:31 +0800	[thread overview]
Message-ID: <e8337102-aecd-48e8-9a2d-10f41ed43c5b@intel.com> (raw)
In-Reply-To: <f6734b9dad0050138676f11ecd14e9db1cf6b697.1777269009.git.nicolinc@nvidia.com>

On 4/27/26 13:54, Nicolin Chen wrote:
> Controlled by the IOMMU driver, ATS is usually enabled "on demand" when a
> given PASID on a device is attached to an I/O page table. This is working
> even when a device has no translation on its RID (i.e., the RID is IOMMU
> bypassed).

nit: this description seems not accurate. Intel iommu driver enables ATS
in the probe_device() phase. mind tweak a bit to avoid misleading
message. :)

> However, certain PCIe devices require non-PASID ATS on their RID even when
> the RID is IOMMU bypassed. Call this "always on".
> 
> For example, CXL spec r4.0 notes in sec 3.2.5.13 Memory Type on CXL.cache:
>   "To source requests on CXL.cache, devices need to get the Host Physical
>    Address (HPA) from the Host by means of an ATS request on CXL.io."
> 
> In other words, the CXL.cache capability requires ATS; otherwise, it can't
> access host physical memory.
> 
> Introduce a new pci_ats_always_on() helper for the IOMMU driver to scan a
> PCI device and shift ATS policies between "on demand" and "always on".
> 
> Add the support for CXL.cache devices first. Pre-CXL devices will be added
> in quirks.c file.
> 
> Note that pci_ats_always_on() validates against pci_ats_supported(), so we
> ensure that untrusted devices (e.g. external ports) will not be always on.
> This maintains the existing ATS security policy regarding potential side-
> channel attacks via ATS.
> 

Reviewed-by: Yi Liu <yi.l.liu@intel•com>

> Cc: linux-cxl@vger•kernel.org
> Suggested-by: Vikram Sethi <vsethi@nvidia•com>
> Suggested-by: Jason Gunthorpe <jgg@nvidia•com>
> Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei•com>
> Reviewed-by: Jason Gunthorpe <jgg@nvidia•com>
> Reviewed-by: Kevin Tian <kevin.tian@intel•com>
> Tested-by: Nirmoy Das <nirmoyd@nvidia•com>
> Acked-by: Nirmoy Das <nirmoyd@nvidia•com>
> Signed-off-by: Nicolin Chen <nicolinc@nvidia•com>
> ---
>   include/linux/pci-ats.h       |  3 +++
>   include/uapi/linux/pci_regs.h |  1 +
>   drivers/pci/ats.c             | 43 +++++++++++++++++++++++++++++++++++
>   3 files changed, 47 insertions(+)
> 
> diff --git a/include/linux/pci-ats.h b/include/linux/pci-ats.h
> index 75c6c86cf09dc..d14ba727d38b3 100644
> --- a/include/linux/pci-ats.h
> +++ b/include/linux/pci-ats.h
> @@ -12,6 +12,7 @@ int pci_prepare_ats(struct pci_dev *dev, int ps);
>   void pci_disable_ats(struct pci_dev *dev);
>   int pci_ats_queue_depth(struct pci_dev *dev);
>   int pci_ats_page_aligned(struct pci_dev *dev);
> +bool pci_ats_always_on(struct pci_dev *dev);
>   #else /* CONFIG_PCI_ATS */
>   static inline bool pci_ats_supported(struct pci_dev *d)
>   { return false; }
> @@ -24,6 +25,8 @@ static inline int pci_ats_queue_depth(struct pci_dev *d)
>   { return -ENODEV; }
>   static inline int pci_ats_page_aligned(struct pci_dev *dev)
>   { return 0; }
> +static inline bool pci_ats_always_on(struct pci_dev *dev)
> +{ return false; }
>   #endif /* CONFIG_PCI_ATS */
>   
>   #ifdef CONFIG_PCI_PRI
> diff --git a/include/uapi/linux/pci_regs.h b/include/uapi/linux/pci_regs.h
> index 14f634ab9350d..6ac45be1008b8 100644
> --- a/include/uapi/linux/pci_regs.h
> +++ b/include/uapi/linux/pci_regs.h
> @@ -1349,6 +1349,7 @@
>   /* CXL r4.0, 8.1.3: PCIe DVSEC for CXL Device */
>   #define PCI_DVSEC_CXL_DEVICE				0
>   #define  PCI_DVSEC_CXL_CAP				0xA
> +#define   PCI_DVSEC_CXL_CACHE_CAPABLE			_BITUL(0)
>   #define   PCI_DVSEC_CXL_MEM_CAPABLE			_BITUL(2)
>   #define   PCI_DVSEC_CXL_HDM_COUNT			__GENMASK(5, 4)
>   #define  PCI_DVSEC_CXL_CTRL				0xC
> diff --git a/drivers/pci/ats.c b/drivers/pci/ats.c
> index ec6c8dbdc5e9c..fc871858b65bc 100644
> --- a/drivers/pci/ats.c
> +++ b/drivers/pci/ats.c
> @@ -205,6 +205,49 @@ int pci_ats_page_aligned(struct pci_dev *pdev)
>   	return 0;
>   }
>   
> +/*
> + * CXL r4.0, sec 3.2.5.13 Memory Type on CXL.cache notes: to source requests on
> + * CXL.cache, devices need to get the Host Physical Address (HPA) from the Host
> + * by means of an ATS request on CXL.io.
> + *
> + * In other words, CXL.cache devices cannot access host physical memory without
> + * ATS.
> + */
> +static bool pci_cxl_ats_always_on(struct pci_dev *pdev)
> +{
> +	int offset;
> +	u16 cap;
> +
> +	offset = pci_find_dvsec_capability(pdev, PCI_VENDOR_ID_CXL,
> +					   PCI_DVSEC_CXL_DEVICE);
> +	if (!offset)
> +		return false;
> +
> +	if (pci_read_config_word(pdev, offset + PCI_DVSEC_CXL_CAP, &cap))
> +		return false;
> +
> +	return cap & PCI_DVSEC_CXL_CACHE_CAPABLE;
> +}
> +
> +/**
> + * pci_ats_always_on - Whether the PCI device requires ATS to be always enabled
> + * @pdev: the PCI device
> + *
> + * Returns true, if the PCI device requires ATS for basic functional operation.
> + */
> +bool pci_ats_always_on(struct pci_dev *pdev)
> +{
> +	if (pci_ats_disabled() || !pci_ats_supported(pdev))
> +		return false;
> +
> +	/* A VF inherits its PF's requirement for ATS function */
> +	if (pdev->is_virtfn)
> +		pdev = pci_physfn(pdev);
> +
> +	return pci_cxl_ats_always_on(pdev);
> +}
> +EXPORT_SYMBOL_GPL(pci_ats_always_on);
> +
>   #ifdef CONFIG_PCI_PRI
>   void pci_pri_init(struct pci_dev *pdev)
>   {

next prev parent reply	other threads:[~2026-05-20 13:04 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-27  5:53 [PATCH v4 0/3] Allow ATS to be always on for certain ATS-capable devices Nicolin Chen
2026-04-27  5:54 ` [PATCH v4 1/3] PCI: Allow ATS to be always on for CXL.cache capable devices Nicolin Chen
2026-04-27 16:31   ` Dave Jiang
2026-04-30 21:41   ` Dan Williams (nvidia)
2026-04-30 23:28     ` Nicolin Chen
2026-05-01 23:27       ` Dan Williams (nvidia)
2026-05-01 23:46         ` Jason Gunthorpe
2026-05-02  0:19           ` Dan Williams (nvidia)
2026-05-19 19:36   ` Bjorn Helgaas
2026-05-19 22:23     ` Jason Gunthorpe
2026-05-19 23:48       ` Bjorn Helgaas
2026-05-20  0:05         ` Jason Gunthorpe
2026-05-20  1:04           ` Nicolin Chen
2026-05-20 14:20             ` Jason Gunthorpe
2026-05-20 17:29               ` Nicolin Chen
2026-05-20 17:47                 ` Bjorn Helgaas
2026-05-20 17:56                   ` Jason Gunthorpe
2026-05-20 13:12   ` Yi Liu [this message]
2026-05-20 14:34     ` Jason Gunthorpe
2026-05-21  7:31       ` Yi Liu
2026-05-21 13:05         ` Jason Gunthorpe
2026-05-22  9:18           ` Yi Liu
2026-05-25  6:58           ` Tian, Kevin
2026-04-27  5:54 ` [PATCH v4 2/3] PCI: Allow ATS to be always on for pre-CXL devices Nicolin Chen
2026-04-27 16:32   ` Dave Jiang
2026-05-20 13:12   ` Yi Liu
2026-05-20 17:50   ` Bjorn Helgaas
2026-05-20 17:53     ` Jason Gunthorpe
2026-04-27  5:54 ` [PATCH v4 3/3] iommu/arm-smmu-v3: Allow ATS to be always on Nicolin Chen
2026-04-27 16:37   ` Dave Jiang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=e8337102-aecd-48e8-9a2d-10f41ed43c5b@intel.com \
    --to=yi.l.liu@intel$(echo .)com \
    --cc=baolu.lu@linux$(echo .)intel.com \
    --cc=bhelgaas@google$(echo .)com \
    --cc=dan.j.williams@intel$(echo .)com \
    --cc=iommu@lists$(echo .)linux.dev \
    --cc=jgg@nvidia$(echo .)com \
    --cc=jonathan.cameron@huawei$(echo .)com \
    --cc=joro@8bytes$(echo .)org \
    --cc=kevin.tian@intel$(echo .)com \
    --cc=linux-arm-kernel@lists$(echo .)infradead.org \
    --cc=linux-cxl@vger$(echo .)kernel.org \
    --cc=linux-kernel@vger$(echo .)kernel.org \
    --cc=linux-pci@vger$(echo .)kernel.org \
    --cc=miko.lenczewski@arm$(echo .)com \
    --cc=nicolinc@nvidia$(echo .)com \
    --cc=nirmoyd@nvidia$(echo .)com \
    --cc=praan@google$(echo .)com \
    --cc=robin.murphy@arm$(echo .)com \
    --cc=vsethi@nvidia$(echo .)com \
    --cc=will@kernel$(echo .)org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox