ARM-software · chetan-rathore · Aug 8, 2025 · Aug 5, 2025
diff --git a/docs/pcie/ErrorInjection.md b/docs/pcie/ErrorInjection.md
@@ -66,7 +66,10 @@ A new Error injection extended capability, implemented as a DVSEC, has been adde
  inject_error_immediately    17     Inject error in this endpoint configured      RW       0x0
                                     using the error_code field.
 
- reserved                    19:18  Reserved                                      RO       0x0
+ set_poison_mode             18     To configure Poison mode. See Poison          RW       0x0
+                                    mode section for more details.
+
+ reserved                    19     Reserved                                      RO       0x0
 
  error_code                  30:20  Error code configuration for corrupt DMA      RW       0x0
                                     mode and inject_error_immediately
@@ -87,6 +90,9 @@ There are 2 ways to inject errors:
 
   * Corrupt DMA : With the `inject_error_on_dma` bit set, the endpoint is put in Corrupt DMA mode. Any peer-to-peer DMAs generated in corrupt DMA mode, will lead to an error injection in destination endpoint. All DMAs will fail by default in this mode, so this bit will need to be cleared for normal functioning of DMAs for this endpoint. The injected error in destination endpoint will be as configured by `error_code` field in control register. The error_codes are defined in Error Codes section.
 
+## Poison mode
+`set_poison_mode` bit is added at control register's bit number 18. When this bit is set to 1, the endpoint is put in poison mode and then any read requests to endpoint's BAR memory space will result in all 1's data and write access will be ignored. Also the poison error message will be sent to the upstream Root Port and it will record the error bits in `ERR<n>STATUS` (RAS's STATUS register). This will only happen if Error Reporting is turned on in endpoint's PCIe express capability using the control register. Clear `set_poison_mode` bit which will disable poison mode, endpoint will continue with normal operations and allows access to it's BAR memory space.
+
 ## Error Codes
 ```
     Error Name                             Error Code
@@ -124,4 +130,4 @@ When an corrupt DMA passes through an intermediate component such as a switch, i
 
 --------------
 
-*Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/pcie/Exerciser.md b/docs/pcie/Exerciser.md
@@ -29,7 +29,9 @@ capability validation tests. Exerciser's BAR0 space contains following control a
  DMA Control Register            Configure and trigger DMA transactions(DMA_CTL_REG)     0x8
 
  DMA Offset Register             Configure DMA transaction access offset (in bytes)      0xc
-                                 from base of exerciser memory.
+                                 from base of exerciser memory and use it to configure
+                                 the offset within the BAR1 region, where read or write
+                                 data is stored.
 
  Bus Address Register            Configure bus address that is destination/source        0x10
                                  for DMA or untranslated input address for ATSRequest.
@@ -186,6 +188,9 @@ capability validation tests. Exerciser's BAR0 space contains following control a
 
   * Status of the last DMA request can be known from DMA Status Register.
 
+  * If the user wants to read from or write to memory, the data will be stored at a location in the BAR1 region.
+    The location within BAR1 is configured using the DMA Offset Register.
+
 **MSI Generation and Service**
 
 ```
@@ -316,10 +321,10 @@ capability validation tests. Exerciser's BAR0 space contains following control a
                                          given when ATSRequest was
                                          privileged.
 
- ReadPrivileged            5             If 1 Read permission was given   RO         0b
+ ReadPrivileged            6             If 1 Read permission was given   RO         0b
                                          when ATSRequest was privileged.
 
- ReplyPermissionReserved  31:6           Reserved                         RO         0h
+ ReplyPermissionReserved  31:7           Reserved                         RO         0h
 
 ```
 
@@ -404,6 +409,22 @@ and memory transactions. This includes,
 
 * memory transactions which are forwarded from PCIe endpoint to device(like exerciser).
 
+```
+                                            +--------------------------+
+                                            |        Exerciser         |
+                                            |                          |
+  +--------------+     +---------------+    |  +---------------------+ |
+  | PE Subsystem |---> | PCIe Endpoint |--->|  | Transaction monitor | |
+  +--------------+     +---------------+ |  |  +---------------------+ |
+                                         |  |                          |
+                                         |  |                          |
+                                         |  +--------------------------+
+                                         |
+                                         +--------> get_transaction_monitor_control_if
+                                                        [PCIDevice2ClientProtocol]
+
+```
+
 
 Each recorded transaction has the following information:
 
@@ -445,14 +466,13 @@ Note: Each beat in a burst transaction is recorded as a single separate transact
   transaction byte size is calculated as log2(bytes). For example, if size is 8, bit3 of the upper 16 bits
   will be set.
   ------------------------------------------------------------------------------------------------
-           31:16            15   14   13   12   11   10   9   8   7   6   5   4   3   2   1   0
+           31:16            15   14   13   12   11   10   9   8   7   6   5   4   3   2   1    0
   ------------------------------------------------------------------------------------------------
   | Transaction byte size  |                Reserved                                 C/M  R/W  Type
 
   Bit0: Request type(defaults to zero).
   Bit1: 1 for Read and 0 for Write.
   Bit2: 1 for CFG transaction and 0 for MEM transaction.
-  Bits 31-16: Log2 of transaction size, in bytes.
 
 
  TransactionTraceControlReg  Bit          Description                      R/W    Value at reset
@@ -470,6 +490,5 @@ Note: Each beat in a burst transaction is recorded as a single separate transact
   * Read the transaction trace database register(offset 0x40). Each read returns one 32 bit entry mentioned above, starting
     from first transaction. A value of 0xFFFFffff indicates invalid entry.
 
---------------
 
-*Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/pcie/PCIeConfigurableHierarchy.md b/docs/pcie/PCIeConfigurableHierarchy.md
@@ -783,4 +783,4 @@ An absence of rootbridge before the beginning of the device hierarchy implies a
 
 --------------
 
-*Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.*
Original file line number	Diff line number	Diff line change
Expand Up		@@ -783,4 +783,4 @@ An absence of rootbridge before the beginning of the device hierarchy implies a

		--------------

		Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.
		Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.