lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 10 Oct 2013 07:45:05 +0000
From:	Bhushan Bharat-R65777 <R65777@...escale.com>
To:	Wood Scott-B07421 <B07421@...escale.com>,
	Yoder Stuart-B08248 <B08248@...escale.com>
CC:	Kim Phillips <kim.phillips@...aro.org>,
	Christoffer Dall <christoffer.dall@...aro.org>,
	Alex Williamson <alex.williamson@...hat.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"a.motakis@...tualopensystems.com" <a.motakis@...tualopensystems.com>,
	"agraf@...e.de" <agraf@...e.de>,
	Sethi Varun-B16395 <B16395@...escale.com>,
	"peter.maydell@...aro.org" <peter.maydell@...aro.org>,
	"santosh.shukla@...aro.org" <santosh.shukla@...aro.org>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
Subject: RE: RFC: (re-)binding the VFIO platform driver to a platform device



> -----Original Message-----
> From: Wood Scott-B07421
> Sent: Thursday, October 10, 2013 1:33 AM
> To: Yoder Stuart-B08248
> Cc: Wood Scott-B07421; Kim Phillips; Christoffer Dall; Alex Williamson; linux-
> kernel@...r.kernel.org; a.motakis@...tualopensystems.com; agraf@...e.de; Sethi
> Varun-B16395; Bhushan Bharat-R65777; peter.maydell@...aro.org;
> santosh.shukla@...aro.org; kvm@...r.kernel.org; gregkh@...uxfoundation.org
> Subject: Re: RFC: (re-)binding the VFIO platform driver to a platform device
> 
> On Wed, 2013-10-09 at 14:44 -0500, Yoder Stuart-B08248 wrote:
> >
> > > -----Original Message-----
> > > From: Wood Scott-B07421
> > > Sent: Wednesday, October 09, 2013 2:22 PM
> > > To: Yoder Stuart-B08248
> > > Cc: Wood Scott-B07421; Kim Phillips; Christoffer Dall; Alex
> > > Williamson; linux-kernel@...r.kernel.org;
> > > a.motakis@...tualopensystems.com; agraf@...e.de; Sethi Varun-B16395;
> > > Bhushan Bharat-R65777; peter.maydell@...aro.org;
> > > santosh.shukla@...aro.org; kvm@...r.kernel.org;
> > > gregkh@...uxfoundation.org
> > > Subject: Re: RFC: (re-)binding the VFIO platform driver to a
> > > platform device
> > >
> > > On Wed, 2013-10-09 at 14:02 -0500, Yoder Stuart-B08248 wrote:
> > > > Have been thinking about this issue some more.  As Scott
> > > > mentioned, 'wildcard' matching for a driver can be fairly done in
> > > > the platform bus driver.  We could add a new flag to the platform driver
> struct:
> > > >
> > > > diff --git a/drivers/base/platform.c b/drivers/base/platform.c
> > > > index 4f8bef3..4d6cf14 100644
> > > > --- a/drivers/base/platform.c
> > > > +++ b/drivers/base/platform.c
> > > > @@ -727,6 +727,10 @@ static int platform_match(struct device *dev,
> > > struct device_driver *drv)
> > > >         struct platform_device *pdev = to_platform_device(dev);
> > > >         struct platform_driver *pdrv = to_platform_driver(drv);
> > > >
> > > > +       /* the driver matches any device */
> > > > +       if (pdrv->match_any)
> > > > +               return 1;
> > > > +
> > > >         /* Attempt an OF style match first */
> > > >         if (of_driver_match_device(dev, drv))
> > > >                 return 1;
> > > >
> > > > However, the more problematic issue is that a bus driver has no
> > > > way to differentiate from an explicit bind request via sysfs and a
> > > > bind that happened through bus probing.
> > >
> > > Again, I think the wildcard match should be orthogonal to "don't
> > > bind by default" as far as the mechanism goes.
> > >
> > > There's already a "bool suppress_bind_attrs" to prevent sysfs
> > > bind/unbind.  I suggested a similar flag to mean the oppsosite --
> > > bind
> > > *only* through sysfs.  Greg KH was skeptical and wanted to see a
> > > patch before any further discussion.
> >
> > Ah, think I understand now...yes that works as well, and would be
> > less intrustive.   So are you writing a patch? :)
> 
> I've been meaning to since the previous round of discussion, but I've been busy.
> Would someone else be able to test it in the context of using it for VFIO?

I wish I could have but I do not have vfio-platform stuff. 

> 
> > It would be something like this, right?
> >
> > diff --git a/drivers/base/dd.c b/drivers/base/dd.c index
> > 35fa368..c9a61ea 100644
> > --- a/drivers/base/dd.c
> > +++ b/drivers/base/dd.c
> > @@ -389,7 +389,7 @@ static int __device_attach(struct device_driver
> > *drv, void *data)  {
> >         struct device *dev = data;
> >
> > -       if (!driver_match_device(drv, dev))
> > +       if (!drv->explicit_bind_only && !driver_match_device(drv,
> > + dev))
> >                 return 0;
> 
> if (drv->explicit_bind_only || !driver_match_device(drv, dev))
> 	return 0;

Scott, 
I am trying to understand what you are proposing here (example "DEVICE" can be handled by "DRIVER1" and "VFIO-PLATFORM-DRIVER"):
 - By default drv->explicit_bind_only will be clear in all drivers.
 - By default device->explicit_bind_only will also be clear for all devices.
 - On boot, matching devices will bound to the respective driver (DEVICE >==> DRIVER1).
   This will never bound with VFIO-PLATFORM-DRIVER. So far same as before.
 - Via Sysfs interface set drv->explicit_bind_only for VFIO-PLATFORM-DRIVER.
 - Then for the devices user want, set device->explicit_bind_only.
 - unbind DEVICE from DRIVER1
 - bind DEVICE with VFIO-PLATFORM-DRIVER. This time it will be successful because (device->explicit_bind_only && drv->explicit_bind_only) is set.
 - Now when done, unbind the DEVICE from VFIO-PLATFORM-DRIVER.
 - Now user can re-bind the device with either DRIVER1 or VFIO-PLATFORM-DRIVER.
 - Now once drv->explicit_bind_only is set in VFIO-PLATFORM-DRIVER, and a new device comes (device - hotplug) then can gets bound to matching drive and not with VFIO-PLATFORM-DRIVER.

This looks ok to me :)

Thanks
-Bharat
> 
> >         return driver_probe_device(drv, dev); @@ -450,7 +450,7 @@
> > static int __driver_attach(struct device *dev, void *data)
> >          * is an error.
> >          */
> >
> > -       if (!driver_match_device(drv, dev))
> > +       if (!drv->explicit_bind_only && !driver_match_device(drv,
> > + dev))
> >                 return 0;
> 
> Likewise -- or error out earlier in driver_attach().
> 
> Otherwise, that looks about right, for the driver side (though driver_attach
> could error out earlier rather than testing it inside the loop).
> 
> The other half of fixing the raciness is to ensure that the device doesn't get
> bound back to a non-VFIO driver (e.g. due to a module load or new_id).  The
> solution I proposed for that was a similar explicit-bind-only flag for a device,
> that the user sets through sysfs prior to unbinding.  This would also be useful
> in non-VFIO contexts to simply say "I don't want to use this device at all".
> 
> -Scott
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ