lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 6 Jul 2020 11:41:26 -0500
From:   Bjorn Helgaas <>
To:     Greg Kroah-Hartman <>
Cc:     Rajat Jain <>,
        David Woodhouse <>,
        Lu Baolu <>,
        Joerg Roedel <>,
        Bjorn Helgaas <>,
        "Rafael J. Wysocki" <>,
        Len Brown <>,,,,, Raj Ashok <>,,
        Mika Westerberg <>,
        Jean-Philippe Brucker <>,
        Prashant Malani <>,
        Benson Leung <>,
        Todd Broch <>,
        Alex Levin <>,
        Mattias Nissler <>,
        Rajat Jain <>,
        Bernie Keany <>,
        Aaron Durbin <>,
        Diego Rivas <>,
        Duncan Laurie <>,
        Furquan Shaikh <>,
        Jesse Barnes <>,
        Christian Kellner <>,
        Alex Williamson <>,,
        Saravana Kannan <>,
        Suzuki K Poulose <>,
        Arnd Bergmann <>,
        Heikki Krogerus <>
Subject: Re: [PATCH v2 2/7] PCI: Set "untrusted" flag for truly external
 devices only

On Tue, Jun 30, 2020 at 09:55:54AM +0200, Greg Kroah-Hartman wrote:
> On Mon, Jun 29, 2020 at 09:49:38PM -0700, Rajat Jain wrote:
> > The "ExternalFacing" devices (root ports) are still internal devices that
> > sit on the internal system fabric and thus trusted. Currently they were
> > being marked untrusted.
> > 
> > This patch uses the platform flag to identify the external facing devices
> > and then use it to mark any downstream devices as "untrusted". The
> > external-facing devices themselves are left as "trusted". This was
> > discussed here:
> {sigh}
> First off, please use links, we don't control
> and it often times has been down.
> Also, you need to put all of the information in the changelog, referring
> to another place isn't always the best thing, considering you will be
> looking this up in 20+ years to try to figure out why people came up
> with such a crazy design.
> But, the main point is, no, we did not decide on this.  "trust" is a
> policy decision to make by userspace, it is independant of "location",
> while you are tieing it directly here, which is what I explicitly said
> NOT to do.
> So again, no, I will NAK this patch as-is, sorry, you are mixing things
> together in a way that it should not do at this point in time.

What do you see being mixed together here?  I acknowledge that the
name of "pdev->untrusted" is probably a mistake.  But this patch
doesn't change anything there.  It only changes the treatment of the
edge case of the "ExternalFacing" ports.  Previously we treated them
as being external themselves, which does seem wrong.

Powered by blists - more mailing lists