5.4.2-1 (clr 5.4.2-875) update acs patch for 5.4

2019-12-11 14:29:52 +01:00 · 2019-12-11 14:29:52 +01:00 · 706832dc1b
commit 706832dc1b
parent e8014ad6b7
3 changed files with 212 additions and 19 deletions
--- a/.SRCINFO
+++ b/.SRCINFO
@ -1,7 +1,7 @@
 pkgbase = linux-clear
 	pkgdesc = Clear Linux
-	pkgver = 5.3.15
+	pkgver = 5.4.2
-	pkgrel = 2
+	pkgrel = 1
 	url = https://github.com/clearlinux-pkgs/linux
 	arch = x86_64
 	license = GPL2
@ -13,21 +13,21 @@ pkgbase = linux-clear
 	makedepends = libelf
 	makedepends = xmlto
 	options = !strip
-	source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.3.tar.xz
+	source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.4.tar.xz
-	source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.3.tar.sign
+	source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.4.tar.sign
-	source = https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-5.3.15.xz
+	source = https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-5.4.2.xz
-	source = clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=5.3.14-874
+	source = clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=5.4.2-875
 	source = enable_additional_cpu_optimizations-20190822.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/20190822.tar.gz
-	source = add-acs-overrides.patch::https://aur.archlinux.org/cgit/aur.git/plain/add-acs-overrides.patch?h=linux-vfio
+	source = pci-enable-overrides-for-missing-acs-capabilities.patch
 	source = futex-wait-multiple-5.2.1.patch::https://aur.archlinux.org/cgit/aur.git/plain/futex-wait-multiple-5.2.1.patch?h=linux-fsync
 	validpgpkeys = ABAF11C65A2970B130ABE3C479BE3E4300411886
 	validpgpkeys = 647F28654894E3BD457199BE38DBBDC86092693E
-	sha256sums = 78f3c397513cf4ff0f96aa7d09a921d003e08fa97c09e0bb71d88211b40567b2
+	sha256sums = bf338980b1670bca287f9994b7441c2361907635879169c64ae78364efc5f491
 	sha256sums = SKIP
-	sha256sums = 205c9ec3d4ab126bb0f7c7c7a66f97ea89fdbbfa2145c49490c86709648ff538
+	sha256sums = 90f5cb7b43bd7510de633dc9cd6cc14d4380d60d0c72eaf09b289412c01380f0
 	sha256sums = SKIP
 	sha256sums = 8c11086809864b5cef7d079f930bd40da8d0869c091965fa62e95de9a0fe13b5
-	sha256sums = dbf4ac4b873ce6972e63b78d74ddba18f2701716163bb7f4b4fe5e909346a6e1
+	sha256sums = 4127910703ed934224941114c2a4e0bcc5b4841f46d04063ed7b20870a51baa0
 	sha256sums = b8a9225b4b5cbabac26398d11cc26566e4407d150dacb92f3411c9bb8cc23942
 pkgname = linux-clear
--- a/18
+++ b/18
@ -58,13 +58,13 @@ _localmodcfg=
 ### IMPORTANT: Do no edit below this line unless you know what you're doing
-_major=5.3
+_major=5.4
-_minor=15
+_minor=2
 _srcname=linux-${_major}
-_clr=${_major}.14-874
+_clr=${_major}.2-875
 pkgbase=linux-clear
 pkgver=${_major}.${_minor}
-pkgrel=2
+pkgrel=1
 pkgdesc='Clear Linux'
 arch=('x86_64')
 url="https://github.com/clearlinux-pkgs/linux"
@ -78,7 +78,7 @@ source=(
  "https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-${pkgver}.xz"
  "clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=${_clr}"
  "enable_additional_cpu_optimizations-$_gcc_more_v.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/$_gcc_more_v.tar.gz"
-  'add-acs-overrides.patch::https://aur.archlinux.org/cgit/aur.git/plain/add-acs-overrides.patch?h=linux-vfio'
+  'pci-enable-overrides-for-missing-acs-capabilities.patch'
  'futex-wait-multiple-5.2.1.patch::https://aur.archlinux.org/cgit/aur.git/plain/futex-wait-multiple-5.2.1.patch?h=linux-fsync'
 )
@ -100,7 +100,7 @@ prepare() {
        echo "${pkgbase#linux}" > localversion.20-pkgname
    ### Add Clearlinux patches
-        for i in $(grep '^Patch' ${srcdir}/clearlinux/linux.spec | grep -Ev '^Patch0123|^Patch0130|^Patch0073' | sed -n 's/.*: //p'); do
+        for i in $(grep '^Patch' ${srcdir}/clearlinux/linux.spec | grep -Ev '^Patch0123|^Patch0130' | sed -n 's/.*: //p'); do
        msg2 "Applying patch ${i}..."
        patch -Np1 -i "$srcdir/clearlinux/${i}"
        done
@ -328,12 +328,12 @@ for _p in "${pkgname[@]}"; do
  }"
 done
-sha256sums=('78f3c397513cf4ff0f96aa7d09a921d003e08fa97c09e0bb71d88211b40567b2'
+sha256sums=('bf338980b1670bca287f9994b7441c2361907635879169c64ae78364efc5f491'
            'SKIP'
-            '205c9ec3d4ab126bb0f7c7c7a66f97ea89fdbbfa2145c49490c86709648ff538'
+            '90f5cb7b43bd7510de633dc9cd6cc14d4380d60d0c72eaf09b289412c01380f0'
            'SKIP'
            '8c11086809864b5cef7d079f930bd40da8d0869c091965fa62e95de9a0fe13b5'
-            'dbf4ac4b873ce6972e63b78d74ddba18f2701716163bb7f4b4fe5e909346a6e1'
+            '4127910703ed934224941114c2a4e0bcc5b4841f46d04063ed7b20870a51baa0'
            'b8a9225b4b5cbabac26398d11cc26566e4407d150dacb92f3411c9bb8cc23942')
 validpgpkeys=(
--- a/pci-enable-overrides-for-missing-acs-capabilities.patch
+++ b/pci-enable-overrides-for-missing-acs-capabilities.patch
@ -0,0 +1,193 @@
 From f56f33917f418568141184eb2503ec65309a8255 Mon Sep 17 00:00:00 2001
 From: Mark Weiman <mark.weiman@markzz.com>
 Date: Thu, 13 Dec 2018 13:15:16 -0500
 Subject: [PATCH] pci: Enable overrides for missing ACS capabilities (4.18)
 This an updated version of Alex Williamson's patch from:
 https://lkml.org/lkml/2013/5/30/513
 Original commit message follows:
 ---
 PCIe ACS (Access Control Services) is the PCIe 2.0+ feature that
 allows us to control whether transactions are allowed to be redirected
 in various subnodes of a PCIe topology.  For instance, if two
 endpoints are below a root port or downsteam switch port, the
 downstream port may optionally redirect transactions between the
 devices, bypassing upstream devices.  The same can happen internally
 on multifunction devices.  The transaction may never be visible to the
 upstream devices.
 One upstream device that we particularly care about is the IOMMU.  If
 a redirection occurs in the topology below the IOMMU, then the IOMMU
 cannot provide isolation between devices.  This is why the PCIe spec
 encourages topologies to include ACS support.  Without it, we have to
 assume peer-to-peer DMA within a hierarchy can bypass IOMMU isolation.
 Unfortunately, far too many topologies do not support ACS to make this
 a steadfast requirement.  Even the latest chipsets from Intel are only
 sporadically supporting ACS.  We have trouble getting interconnect
 vendors to include the PCIe spec required PCIe capability, let alone
 suggested features.
 Therefore, we need to add some flexibility.  The pcie_acs_override=
 boot option lets users opt-in specific devices or sets of devices to
 assume ACS support.  The "downstream" option assumes full ACS support
 on root ports and downstream switch ports.  The "multifunction"
 option assumes the subset of ACS features available on multifunction
 endpoints and upstream switch ports are supported.  The "id:nnnn:nnnn"
 option enables ACS support on devices matching the provided vendor
 and device IDs, allowing more strategic ACS overrides.  These options
 may be combined in any order.  A maximum of 16 id specific overrides
 are available.  It's suggested to use the most limited set of options
 necessary to avoid completely disabling ACS across the topology.
 Note to hardware vendors, we have facilities to permanently quirk
 specific devices which enforce isolation but not provide an ACS
 capability.  Please contact me to have your devices added and save
 your customers the hassle of this boot option.
 ---
 .../admin-guide/kernel-parameters.txt         |   8 ++
 drivers/pci/quirks.c                          | 102 ++++++++++++++++++
 2 files changed, 110 insertions(+)
 diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
 index 0c404cda531a..0d45f0014f4a 100644
 --- a/Documentation/admin-guide/kernel-parameters.txt
 +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -3408,6 +3408,14 @@
 		nomsi		[MSI] If the PCI_MSI kernel config parameter is
 				enabled, this kernel boot option can be used to
 				disable the use of MSI interrupts system-wide.
 +		pci_acs_override [PCIE] Override missing PCIe ACS support for:
 +				downstream
 +					All downstream ports - full ACS capabilities
 +				multifunction
 +					Add multifunction devices - multifunction ACS subset
 +				id:nnnn:nnnn
 +					Specific device - full ACS capabilities
 +					Specified as vid:did (vendor/device ID) in hex
 		noioapicquirk	[APIC] Disable all boot interrupt quirks.
 				Safety option to keep boot IRQs enabled. This
 				should never be necessary.
 diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
 index c0673a717239..695d99b390f7 100644
 --- a/drivers/pci/quirks.c
 +++ b/drivers/pci/quirks.c
@@ -192,6 +192,106 @@ static int __init pci_apply_final_quirks(void)
 }
 fs_initcall_sync(pci_apply_final_quirks);
 +static bool acs_on_downstream;
 +static bool acs_on_multifunction;
 +
 +#define NUM_ACS_IDS 16
 +struct acs_on_id {
 +	unsigned short vendor;
 +	unsigned short device;
 +};
 +static struct acs_on_id acs_on_ids[NUM_ACS_IDS];
 +static u8 max_acs_id;
 +
 +static __init int pcie_acs_override_setup(char *p)
 +{
 +	if (!p)
 +		return -EINVAL;
 +
 +	while (*p) {
 +		if (!strncmp(p, "downstream", 10))
 +			acs_on_downstream = true;
 +		if (!strncmp(p, "multifunction", 13))
 +			acs_on_multifunction = true;
 +		if (!strncmp(p, "id:", 3)) {
 +			char opt[5];
 +			int ret;
 +			long val;
 +
 +			if (max_acs_id >= NUM_ACS_IDS - 1) {
 +				pr_warn("Out of PCIe ACS override slots (%d)\n",
 +						NUM_ACS_IDS);
 +				goto next;
 +			}
 +
 +			p += 3;
 +			snprintf(opt, 5, "%s", p);
 +			ret = kstrtol(opt, 16, &val);
 +			if (ret) {
 +				pr_warn("PCIe ACS ID parse error %d\n", ret);
 +				goto next;
 +			}
 +			acs_on_ids[max_acs_id].vendor = val;
 +		p += strcspn(p, ":");
 +		if (*p != ':') {
 +			pr_warn("PCIe ACS invalid ID\n");
 +			goto next;
 +			}
 +
 +			p++;
 +			snprintf(opt, 5, "%s", p);
 +			ret = kstrtol(opt, 16, &val);
 +			if (ret) {
 +				pr_warn("PCIe ACS ID parse error %d\n", ret);
 +				goto next;
 +			}
 +			acs_on_ids[max_acs_id].device = val;
 +			max_acs_id++;
 +		}
 +next:
 +		p += strcspn(p, ",");
 +		if (*p == ',')
 +			p++;
 +	}
 +
 +	if (acs_on_downstream || acs_on_multifunction || max_acs_id)
 +		pr_warn("Warning: PCIe ACS overrides enabled; This may allow non-IOMMU protected peer-to-peer DMA\n");
 +
 +	return 0;
 +}
 +early_param("pcie_acs_override", pcie_acs_override_setup);
 +
 +static int pcie_acs_overrides(struct pci_dev *dev, u16 acs_flags)
 +{
 +	int i;
 +
 +	/* Never override ACS for legacy devices or devices with ACS caps */
 +	if (!pci_is_pcie(dev) ||
 +		pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ACS))
 +			return -ENOTTY;
 +
 +	for (i = 0; i < max_acs_id; i++)
 +		if (acs_on_ids[i].vendor == dev->vendor &&
 +			acs_on_ids[i].device == dev->device)
 +				return 1;
 +
 +switch (pci_pcie_type(dev)) {
 +	case PCI_EXP_TYPE_DOWNSTREAM:
 +	case PCI_EXP_TYPE_ROOT_PORT:
 +		if (acs_on_downstream)
 +			return 1;
 +		break;
 +	case PCI_EXP_TYPE_ENDPOINT:
 +	case PCI_EXP_TYPE_UPSTREAM:
 +	case PCI_EXP_TYPE_LEG_END:
 +	case PCI_EXP_TYPE_RC_END:
 +		if (acs_on_multifunction && dev->multifunction)
 +			return 1;
 +	}
 +
 +	return -ENOTTY;
 +}
 +
 /*
  * Decoding should be disabled for a PCI device during BAR sizing to avoid
  * conflict. But doing so may cause problems on host bridge and perhaps other
@@ -4663,6 +4663,8 @@ static const struct pci_dev_acs_enabled {
 	{ PCI_VENDOR_ID_BROADCOM, 0xD714, pci_quirk_brcm_acs },
 	/* Amazon Annapurna Labs */
 	{ PCI_VENDOR_ID_AMAZON_ANNAPURNA_LABS, 0x0031, pci_quirk_al_acs },
 +	/* allow acs for any */
 +	{ PCI_ANY_ID, PCI_ANY_ID, pcie_acs_overrides },
 	{ 0 }
 };
 -- 
 2.20.0