[0/4] cxl/mbox: Output payload validation reworks

Message

Dan Williams Dec. 6, 2022, 4:22 a.m. UTC

cxl_mbox_send_cmd() mentions:

        /*
         * Variable sized commands can't be validated and so it's up to the
         * caller to do that if they wish.
         */

...but it turns out that is not true. The caller never sees the
resulting output size, so all currently all kernel-internal
variable-output-size command code paths skip output payload size
validation. Additionally, to get any output size validation even for
non-variable sized commands, the command must appear in the
cxl_mem_commands array. That is a waste, especially for internal only
commands like PMEM security commands, because appearing in
cxl_mem_commands currently also a requires new entries in
include/uapi/linux/cxl_mem.h.

Fix this situation by pushing the responsibility to construct a 'struct
cxl_mbox_cmd' to callers. Rename cxl_mbox_send_cmd() to differentiate it
from the ioctl path handling. Add support for validating variable sized
output payloads optionally by a minimum size. Unrelated, but needs to be
fixed before this rework, fixup the endian handling of "Get Security
State" output in cxl_pmem_get_security_flags(). Lastly, remove the
uapi definitions for the security commands, only the opcodes need to be
defined for internal command usage.

---

Dan Williams (4):
      cxl/security: Fix Get Security State output payload endian handling
      cxl/mbox: Enable cxl_mbox_send_cmd() users to validate output size
      cxl/mbox: Add variable output size validation for internal commands
      cxl/security: Drop security command ioctl uapi


 drivers/cxl/core/mbox.c      |  118 ++++++++++++++++++++++--------------------
 drivers/cxl/cxlmem.h         |    6 +-
 drivers/cxl/pmem.c           |   21 ++++++-
 drivers/cxl/security.c       |   81 +++++++++++++++++++++--------
 include/uapi/linux/cxl_mem.h |    6 --
 5 files changed, 142 insertions(+), 90 deletions(-)

base-commit: 02fedf1466567424c336cd11cf368dcf78f2af33