| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241105152455.GA1472398@bhelgaas> Date: Tue, 5 Nov 2024 09:24:55 -0600 From: Bjorn Helgaas <helgaas@...nel.org> To: Leon Romanovsky <leon@...nel.org> Cc: Bjorn Helgaas <bhelgaas@...gle.com>, Krzysztof WilczyĆski <kw@...ux.com>, linux-pci@...r.kernel.org, Ariel Almog <ariela@...dia.com>, Aditya Prabhune <aprabhune@...dia.com>, Hannes Reinecke <hare@...e.de>, Heiner Kallweit <hkallweit1@...il.com>, Arun Easi <aeasi@...vell.com>, Jonathan Chocron <jonnyc@...zon.com>, Bert Kenward <bkenward@...arflare.com>, Matt Carlson <mcarlson@...adcom.com>, Kai-Heng Feng <kai.heng.feng@...onical.com>, Jean Delvare <jdelvare@...e.de>, Alex Williamson <alex.williamson@...hat.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] PCI/sysfs: Fix read permissions for VPD attributes On Tue, Nov 05, 2024 at 09:51:30AM +0200, Leon Romanovsky wrote: > On Mon, Nov 04, 2024 at 06:10:27PM -0600, Bjorn Helgaas wrote: > > On Sun, Nov 03, 2024 at 02:33:44PM +0200, Leon Romanovsky wrote: > > > On Fri, Nov 01, 2024 at 11:47:37AM -0500, Bjorn Helgaas wrote: > > > > On Fri, Nov 01, 2024 at 04:33:00PM +0200, Leon Romanovsky wrote: > > > > > On Thu, Oct 31, 2024 at 06:22:52PM -0500, Bjorn Helgaas wrote: > > > > > > On Tue, Oct 29, 2024 at 07:04:50PM -0500, Bjorn Helgaas wrote: > > > > > > > On Mon, Oct 28, 2024 at 10:05:33AM +0200, Leon Romanovsky wrote: > > > > > > > > From: Leon Romanovsky <leonro@...dia.com> > > > > > > > > > > > > > > > > The Virtual Product Data (VPD) attribute is not > > > > > > > > readable by regular user without root permissions. > > > > > > > > Such restriction is not really needed, as data > > > > > > > > presented in that VPD is not sensitive at all. > > > > > > > > > > > > > > > > This change aligns the permissions of the VPD > > > > > > > > attribute to be accessible for read by all users, > > > > > > > > while write being restricted to root only. > ... > > What's the use case? How does an unprivileged user use the VPD > > information? > > We have to add new field keyword=value in VA section of VPD, which > will indicate very specific sub-model for devices used as a bridge. > > > I can certainly imagine using VPD for bug reporting, but that > > would typically involve dmesg, dmidecode, lspci -vv, etc, all of > > which already require privilege, so it's not clear to me how > > public VPD info would help in that scenario. > > I'm targeting other scenario - monitoring tool, which doesn't need > root permissions for reading data. It needs to distinguish between > NIC sub-models. Maybe the driver could expose something in sysfs? Maybe the driver needs to know the sub-model as well, and reading VPD once in the driver would make subsequent userspace sysfs reads trivial and fast. Bjorn
Powered by blists - more mailing lists