From 706832dc1b8fd80f0c728f142da7a91590db244b Mon Sep 17 00:00:00 2001 From: Josip Ponjavic Date: Wed, 11 Dec 2019 14:29:52 +0100 Subject: [PATCH] 5.4.2-1 (clr 5.4.2-875) update acs patch for 5.4 --- .SRCINFO | 20 +- PKGBUILD | 18 +- ...errides-for-missing-acs-capabilities.patch | 193 ++++++++++++++++++ 3 files changed, 212 insertions(+), 19 deletions(-) create mode 100644 pci-enable-overrides-for-missing-acs-capabilities.patch diff --git a/.SRCINFO b/.SRCINFO index f97a940..cd83a62 100644 --- a/.SRCINFO +++ b/.SRCINFO @@ -1,7 +1,7 @@ pkgbase = linux-clear pkgdesc = Clear Linux - pkgver = 5.3.15 - pkgrel = 2 + pkgver = 5.4.2 + pkgrel = 1 url = https://github.com/clearlinux-pkgs/linux arch = x86_64 license = GPL2 @@ -13,21 +13,21 @@ pkgbase = linux-clear makedepends = libelf makedepends = xmlto options = !strip - source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.3.tar.xz - source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.3.tar.sign - source = https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-5.3.15.xz - source = clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=5.3.14-874 + source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.4.tar.xz + source = https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.4.tar.sign + source = https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-5.4.2.xz + source = clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=5.4.2-875 source = enable_additional_cpu_optimizations-20190822.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/20190822.tar.gz - source = add-acs-overrides.patch::https://aur.archlinux.org/cgit/aur.git/plain/add-acs-overrides.patch?h=linux-vfio + source = pci-enable-overrides-for-missing-acs-capabilities.patch source = futex-wait-multiple-5.2.1.patch::https://aur.archlinux.org/cgit/aur.git/plain/futex-wait-multiple-5.2.1.patch?h=linux-fsync validpgpkeys = ABAF11C65A2970B130ABE3C479BE3E4300411886 validpgpkeys = 647F28654894E3BD457199BE38DBBDC86092693E - sha256sums = 78f3c397513cf4ff0f96aa7d09a921d003e08fa97c09e0bb71d88211b40567b2 + sha256sums = bf338980b1670bca287f9994b7441c2361907635879169c64ae78364efc5f491 sha256sums = SKIP - sha256sums = 205c9ec3d4ab126bb0f7c7c7a66f97ea89fdbbfa2145c49490c86709648ff538 + sha256sums = 90f5cb7b43bd7510de633dc9cd6cc14d4380d60d0c72eaf09b289412c01380f0 sha256sums = SKIP sha256sums = 8c11086809864b5cef7d079f930bd40da8d0869c091965fa62e95de9a0fe13b5 - sha256sums = dbf4ac4b873ce6972e63b78d74ddba18f2701716163bb7f4b4fe5e909346a6e1 + sha256sums = 4127910703ed934224941114c2a4e0bcc5b4841f46d04063ed7b20870a51baa0 sha256sums = b8a9225b4b5cbabac26398d11cc26566e4407d150dacb92f3411c9bb8cc23942 pkgname = linux-clear diff --git a/PKGBUILD b/PKGBUILD index 823a6dc..f30fa4d 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -58,13 +58,13 @@ _localmodcfg= ### IMPORTANT: Do no edit below this line unless you know what you're doing -_major=5.3 -_minor=15 +_major=5.4 +_minor=2 _srcname=linux-${_major} -_clr=${_major}.14-874 +_clr=${_major}.2-875 pkgbase=linux-clear pkgver=${_major}.${_minor} -pkgrel=2 +pkgrel=1 pkgdesc='Clear Linux' arch=('x86_64') url="https://github.com/clearlinux-pkgs/linux" @@ -78,7 +78,7 @@ source=( "https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-${pkgver}.xz" "clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=${_clr}" "enable_additional_cpu_optimizations-$_gcc_more_v.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/$_gcc_more_v.tar.gz" - 'add-acs-overrides.patch::https://aur.archlinux.org/cgit/aur.git/plain/add-acs-overrides.patch?h=linux-vfio' + 'pci-enable-overrides-for-missing-acs-capabilities.patch' 'futex-wait-multiple-5.2.1.patch::https://aur.archlinux.org/cgit/aur.git/plain/futex-wait-multiple-5.2.1.patch?h=linux-fsync' ) @@ -100,7 +100,7 @@ prepare() { echo "${pkgbase#linux}" > localversion.20-pkgname ### Add Clearlinux patches - for i in $(grep '^Patch' ${srcdir}/clearlinux/linux.spec | grep -Ev '^Patch0123|^Patch0130|^Patch0073' | sed -n 's/.*: //p'); do + for i in $(grep '^Patch' ${srcdir}/clearlinux/linux.spec | grep -Ev '^Patch0123|^Patch0130' | sed -n 's/.*: //p'); do msg2 "Applying patch ${i}..." patch -Np1 -i "$srcdir/clearlinux/${i}" done @@ -328,12 +328,12 @@ for _p in "${pkgname[@]}"; do }" done -sha256sums=('78f3c397513cf4ff0f96aa7d09a921d003e08fa97c09e0bb71d88211b40567b2' +sha256sums=('bf338980b1670bca287f9994b7441c2361907635879169c64ae78364efc5f491' 'SKIP' - '205c9ec3d4ab126bb0f7c7c7a66f97ea89fdbbfa2145c49490c86709648ff538' + '90f5cb7b43bd7510de633dc9cd6cc14d4380d60d0c72eaf09b289412c01380f0' 'SKIP' '8c11086809864b5cef7d079f930bd40da8d0869c091965fa62e95de9a0fe13b5' - 'dbf4ac4b873ce6972e63b78d74ddba18f2701716163bb7f4b4fe5e909346a6e1' + '4127910703ed934224941114c2a4e0bcc5b4841f46d04063ed7b20870a51baa0' 'b8a9225b4b5cbabac26398d11cc26566e4407d150dacb92f3411c9bb8cc23942') validpgpkeys=( diff --git a/pci-enable-overrides-for-missing-acs-capabilities.patch b/pci-enable-overrides-for-missing-acs-capabilities.patch new file mode 100644 index 0000000..c9e123d --- /dev/null +++ b/pci-enable-overrides-for-missing-acs-capabilities.patch @@ -0,0 +1,193 @@ +From f56f33917f418568141184eb2503ec65309a8255 Mon Sep 17 00:00:00 2001 +From: Mark Weiman +Date: Thu, 13 Dec 2018 13:15:16 -0500 +Subject: [PATCH] pci: Enable overrides for missing ACS capabilities (4.18) + +This an updated version of Alex Williamson's patch from: +https://lkml.org/lkml/2013/5/30/513 + +Original commit message follows: +--- +PCIe ACS (Access Control Services) is the PCIe 2.0+ feature that +allows us to control whether transactions are allowed to be redirected +in various subnodes of a PCIe topology. For instance, if two +endpoints are below a root port or downsteam switch port, the +downstream port may optionally redirect transactions between the +devices, bypassing upstream devices. The same can happen internally +on multifunction devices. The transaction may never be visible to the +upstream devices. + +One upstream device that we particularly care about is the IOMMU. If +a redirection occurs in the topology below the IOMMU, then the IOMMU +cannot provide isolation between devices. This is why the PCIe spec +encourages topologies to include ACS support. Without it, we have to +assume peer-to-peer DMA within a hierarchy can bypass IOMMU isolation. + +Unfortunately, far too many topologies do not support ACS to make this +a steadfast requirement. Even the latest chipsets from Intel are only +sporadically supporting ACS. We have trouble getting interconnect +vendors to include the PCIe spec required PCIe capability, let alone +suggested features. + +Therefore, we need to add some flexibility. The pcie_acs_override= +boot option lets users opt-in specific devices or sets of devices to +assume ACS support. The "downstream" option assumes full ACS support +on root ports and downstream switch ports. The "multifunction" +option assumes the subset of ACS features available on multifunction +endpoints and upstream switch ports are supported. The "id:nnnn:nnnn" +option enables ACS support on devices matching the provided vendor +and device IDs, allowing more strategic ACS overrides. These options +may be combined in any order. A maximum of 16 id specific overrides +are available. It's suggested to use the most limited set of options +necessary to avoid completely disabling ACS across the topology. +Note to hardware vendors, we have facilities to permanently quirk +specific devices which enforce isolation but not provide an ACS +capability. Please contact me to have your devices added and save +your customers the hassle of this boot option. +--- + .../admin-guide/kernel-parameters.txt | 8 ++ + drivers/pci/quirks.c | 102 ++++++++++++++++++ + 2 files changed, 110 insertions(+) + +diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt +index 0c404cda531a..0d45f0014f4a 100644 +--- a/Documentation/admin-guide/kernel-parameters.txt ++++ b/Documentation/admin-guide/kernel-parameters.txt +@@ -3408,6 +3408,14 @@ + nomsi [MSI] If the PCI_MSI kernel config parameter is + enabled, this kernel boot option can be used to + disable the use of MSI interrupts system-wide. ++ pci_acs_override [PCIE] Override missing PCIe ACS support for: ++ downstream ++ All downstream ports - full ACS capabilities ++ multifunction ++ Add multifunction devices - multifunction ACS subset ++ id:nnnn:nnnn ++ Specific device - full ACS capabilities ++ Specified as vid:did (vendor/device ID) in hex + noioapicquirk [APIC] Disable all boot interrupt quirks. + Safety option to keep boot IRQs enabled. This + should never be necessary. +diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c +index c0673a717239..695d99b390f7 100644 +--- a/drivers/pci/quirks.c ++++ b/drivers/pci/quirks.c +@@ -192,6 +192,106 @@ static int __init pci_apply_final_quirks(void) + } + fs_initcall_sync(pci_apply_final_quirks); + ++static bool acs_on_downstream; ++static bool acs_on_multifunction; ++ ++#define NUM_ACS_IDS 16 ++struct acs_on_id { ++ unsigned short vendor; ++ unsigned short device; ++}; ++static struct acs_on_id acs_on_ids[NUM_ACS_IDS]; ++static u8 max_acs_id; ++ ++static __init int pcie_acs_override_setup(char *p) ++{ ++ if (!p) ++ return -EINVAL; ++ ++ while (*p) { ++ if (!strncmp(p, "downstream", 10)) ++ acs_on_downstream = true; ++ if (!strncmp(p, "multifunction", 13)) ++ acs_on_multifunction = true; ++ if (!strncmp(p, "id:", 3)) { ++ char opt[5]; ++ int ret; ++ long val; ++ ++ if (max_acs_id >= NUM_ACS_IDS - 1) { ++ pr_warn("Out of PCIe ACS override slots (%d)\n", ++ NUM_ACS_IDS); ++ goto next; ++ } ++ ++ p += 3; ++ snprintf(opt, 5, "%s", p); ++ ret = kstrtol(opt, 16, &val); ++ if (ret) { ++ pr_warn("PCIe ACS ID parse error %d\n", ret); ++ goto next; ++ } ++ acs_on_ids[max_acs_id].vendor = val; ++ p += strcspn(p, ":"); ++ if (*p != ':') { ++ pr_warn("PCIe ACS invalid ID\n"); ++ goto next; ++ } ++ ++ p++; ++ snprintf(opt, 5, "%s", p); ++ ret = kstrtol(opt, 16, &val); ++ if (ret) { ++ pr_warn("PCIe ACS ID parse error %d\n", ret); ++ goto next; ++ } ++ acs_on_ids[max_acs_id].device = val; ++ max_acs_id++; ++ } ++next: ++ p += strcspn(p, ","); ++ if (*p == ',') ++ p++; ++ } ++ ++ if (acs_on_downstream || acs_on_multifunction || max_acs_id) ++ pr_warn("Warning: PCIe ACS overrides enabled; This may allow non-IOMMU protected peer-to-peer DMA\n"); ++ ++ return 0; ++} ++early_param("pcie_acs_override", pcie_acs_override_setup); ++ ++static int pcie_acs_overrides(struct pci_dev *dev, u16 acs_flags) ++{ ++ int i; ++ ++ /* Never override ACS for legacy devices or devices with ACS caps */ ++ if (!pci_is_pcie(dev) || ++ pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ACS)) ++ return -ENOTTY; ++ ++ for (i = 0; i < max_acs_id; i++) ++ if (acs_on_ids[i].vendor == dev->vendor && ++ acs_on_ids[i].device == dev->device) ++ return 1; ++ ++switch (pci_pcie_type(dev)) { ++ case PCI_EXP_TYPE_DOWNSTREAM: ++ case PCI_EXP_TYPE_ROOT_PORT: ++ if (acs_on_downstream) ++ return 1; ++ break; ++ case PCI_EXP_TYPE_ENDPOINT: ++ case PCI_EXP_TYPE_UPSTREAM: ++ case PCI_EXP_TYPE_LEG_END: ++ case PCI_EXP_TYPE_RC_END: ++ if (acs_on_multifunction && dev->multifunction) ++ return 1; ++ } ++ ++ return -ENOTTY; ++} ++ + /* + * Decoding should be disabled for a PCI device during BAR sizing to avoid + * conflict. But doing so may cause problems on host bridge and perhaps other +@@ -4663,6 +4663,8 @@ static const struct pci_dev_acs_enabled { + { PCI_VENDOR_ID_BROADCOM, 0xD714, pci_quirk_brcm_acs }, + /* Amazon Annapurna Labs */ + { PCI_VENDOR_ID_AMAZON_ANNAPURNA_LABS, 0x0031, pci_quirk_al_acs }, ++ /* allow acs for any */ ++ { PCI_ANY_ID, PCI_ANY_ID, pcie_acs_overrides }, + { 0 } + }; + +-- +2.20.0 +