| Message ID | 20220926215711.2893286-1-ira.weiny@intel.com |
|---|---|
| Headers | show |
| Series | CXL: Taint user access to DOE mailbox config space | expand |
ira.weiny@ wrote: > From: Ira Weiny <ira.weiny@intel.com> > > Changes from V2 > Incorporate feedback from Greg and Jonathan > > Changes from V1 > Incorporate feedback from Dan and Greg. > > PCI config space access from user space has traditionally been unrestricted > with writes being an understood risk for device operation. > > Unfortunately, device breakage or odd behavior from config writes lacks > indicators that can leave driver writers confused when evaluating failures. > This is especially true with the new PCIe Data Object Exchange (DOE) mailbox > protocol where backdoor shenanigans from user space through things such as > vendor defined protocols may affect device operation without complete breakage. > > Even though access should not be restricted it would be nice for driver writers > to be able to flag critical parts of the config space such that interference > from user space can be detected. > > Introduce pci_request_config_region_exclusive() and use it in the CXL driver > for DOE config space. > > Ira Weiny (2): > PCI: Allow drivers to request exclusive config regions > cxl/doe: Request exclusive DOE access > > drivers/cxl/pci.c | 5 +++++ > drivers/pci/pci-sysfs.c | 7 +++++++ > drivers/pci/probe.c | 6 ++++++ > include/linux/ioport.h | 2 ++ > include/linux/pci.h | 17 +++++++++++++++++ > include/uapi/linux/pci_regs.h | 1 + > kernel/resource.c | 13 ++++++++----- > 7 files changed, 46 insertions(+), 5 deletions(-) > > > base-commit: f76349cf41451c5c42a99f18a9163377e4b364ff Applied for v6.2. I am not a huge fan of the driver_exclusive_resource naming since it leaves out the configuration address space aspect. However, any other naming I can think of confuses it with the traditional PCI device resources which do more than just host exclusions.
From: Ira Weiny <ira.weiny@intel.com> Changes from V2 Incorporate feedback from Greg and Jonathan Changes from V1 Incorporate feedback from Dan and Greg. PCI config space access from user space has traditionally been unrestricted with writes being an understood risk for device operation. Unfortunately, device breakage or odd behavior from config writes lacks indicators that can leave driver writers confused when evaluating failures. This is especially true with the new PCIe Data Object Exchange (DOE) mailbox protocol where backdoor shenanigans from user space through things such as vendor defined protocols may affect device operation without complete breakage. Even though access should not be restricted it would be nice for driver writers to be able to flag critical parts of the config space such that interference from user space can be detected. Introduce pci_request_config_region_exclusive() and use it in the CXL driver for DOE config space. Ira Weiny (2): PCI: Allow drivers to request exclusive config regions cxl/doe: Request exclusive DOE access drivers/cxl/pci.c | 5 +++++ drivers/pci/pci-sysfs.c | 7 +++++++ drivers/pci/probe.c | 6 ++++++ include/linux/ioport.h | 2 ++ include/linux/pci.h | 17 +++++++++++++++++ include/uapi/linux/pci_regs.h | 1 + kernel/resource.c | 13 ++++++++----- 7 files changed, 46 insertions(+), 5 deletions(-) base-commit: f76349cf41451c5c42a99f18a9163377e4b364ff