lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <63532b3d9a65b_4da329488@dwillia2-xfh.jf.intel.com.notmuch>
Date:   Fri, 21 Oct 2022 16:29:01 -0700
From:   Dan Williams <dan.j.williams@...el.com>
To:     <ira.weiny@...el.com>, Dan Williams <dan.j.williams@...el.com>
CC:     Ira Weiny <ira.weiny@...el.com>,
        Alison Schofield <alison.schofield@...el.com>,
        Vishal Verma <vishal.l.verma@...el.com>,
        "Ben Widawsky" <bwidawsk@...nel.org>, <linux-cxl@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>, <linux-pci@...r.kernel.org>
Subject: RE: [PATCH V3 0/2] CXL: Taint user access to DOE mailbox config space

ira.weiny@ wrote:
> From: Ira Weiny <ira.weiny@...el.com>
> 
> Changes from V2
> 	Incorporate feedback from Greg and Jonathan
> 
> Changes from V1
> 	Incorporate feedback from Dan and Greg.
> 
> PCI config space access from user space has traditionally been unrestricted
> with writes being an understood risk for device operation.
> 
> Unfortunately, device breakage or odd behavior from config writes lacks
> indicators that can leave driver writers confused when evaluating failures.
> This is especially true with the new PCIe Data Object Exchange (DOE) mailbox
> protocol where backdoor shenanigans from user space through things such as
> vendor defined protocols may affect device operation without complete breakage.
> 
> Even though access should not be restricted it would be nice for driver writers
> to be able to flag critical parts of the config space such that interference
> from user space can be detected.
> 
> Introduce pci_request_config_region_exclusive() and use it in the CXL driver
> for DOE config space.
> 
> Ira Weiny (2):
>   PCI: Allow drivers to request exclusive config regions
>   cxl/doe: Request exclusive DOE access
> 
>  drivers/cxl/pci.c             |  5 +++++
>  drivers/pci/pci-sysfs.c       |  7 +++++++
>  drivers/pci/probe.c           |  6 ++++++
>  include/linux/ioport.h        |  2 ++
>  include/linux/pci.h           | 17 +++++++++++++++++
>  include/uapi/linux/pci_regs.h |  1 +
>  kernel/resource.c             | 13 ++++++++-----
>  7 files changed, 46 insertions(+), 5 deletions(-)
> 
> 
> base-commit: f76349cf41451c5c42a99f18a9163377e4b364ff

Applied for v6.2. I am not a huge fan of the driver_exclusive_resource
naming since it leaves out the configuration address space aspect.
However, any other naming I can think of confuses it with the
traditional PCI device resources which do more than just host
exclusions.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ