Re: [PATCH v2 2/7] PCI: Set "untrusted" flag for truly external devices only

From: Bjorn Helgaas
Date: Mon Jul 06 2020 - 19:30:51 EST


On Mon, Jul 06, 2020 at 03:31:47PM -0700, Rajat Jain wrote:
> On Mon, Jul 6, 2020 at 9:38 AM Bjorn Helgaas <helgaas@xxxxxxxxxx> wrote:
> > On Mon, Jun 29, 2020 at 09:49:38PM -0700, Rajat Jain wrote:

> > > -static void pci_acpi_set_untrusted(struct pci_dev *dev)
> > > +static void pci_acpi_set_external_facing(struct pci_dev *dev)
> > > {
> > > u8 val;
> > >
> > > - if (pci_pcie_type(dev) != PCI_EXP_TYPE_ROOT_PORT)
> > > + if (pci_pcie_type(dev) != PCI_EXP_TYPE_ROOT_PORT &&
> > > + pci_pcie_type(dev) != PCI_EXP_TYPE_DOWNSTREAM)
> >
> > This looks like a change worthy of its own patch. We used to look for
> > "ExternalFacingPort" only on Root Ports; now we'll also do it for
> > Switch Downstream Ports.
>
> Can do. (please see below)
>
> > Can you include DT and ACPI spec references if they exist? I found
> > this mention:
> > https://docs.microsoft.com/en-us/windows-hardware/drivers/pci/dsd-for-pcie-root-ports
> > which actually says it should only be implemented for Root Ports.
>
> I actually have no references. It seems to me that the microsoft spec
> assumes that all external ports must be implemented on root ports, but
> I think it would be equally fair for systems with PCIe switches to
> implement one on one of their switch downstream ports. I don't have an
> immediate use of this anyway, so if you think this should rather wait
> unless someone really has this case, this can wait. Let me know.

I agree that it "makes sense" to pay attention to this property no
matter where it appears, but since that Microsoft doc went to the
trouble to restrict it to Root Ports, I think we should leave this
as-is and only look for it in the Root Port. Otherwise Linux will
accept something Windows will reject, and that seems like a needless
difference.

We can at least include the above link to the Microsoft doc in the
commit log.

> > It also mentions a "DmaProperty" that looks related. Maybe Linux
> > should also pay attention to this?
>
> Interesting. Since this is not in use currently by the kernel as well
> as not exposed by (our) BIOS, I don't have an immediate use case for
> this. I'd like to defer this for later (as-the-need-arises).

I agree, you can defer this until you see a need for it. I just
pointed it out in case it would be useful to you.

> > > + /*
> > > + * Devices are marked as external-facing using info from platform
> > > + * (ACPI / devicetree). An external-facing device is still an internal
> > > + * trusted device, but it faces external untrusted devices. Thus any
> > > + * devices enumerated downstream an external-facing device is marked
> > > + * as untrusted.
> >
> > This comment has a subject/verb agreement problem.
>
> I assume you meant s/is/are/ in last sentence. Will do.

Right. There's also something wrong with "enumerated downstream an".