Re: [PATCH 4/4] pci: export untrusted attribute in sysfs
From: Andy Shevchenko
Date: Thu Jun 18 2020 - 05:14:56 EST
On Thu, Jun 18, 2020 at 11:36 AM Greg Kroah-Hartman
<gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Thu, Jun 18, 2020 at 11:12:56AM +0300, Andy Shevchenko wrote:
> > On Wed, Jun 17, 2020 at 10:56 PM Rajat Jain <rajatja@xxxxxxxxxx> wrote:
> > > On Wed, Jun 17, 2020 at 12:31 AM Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
> >
> > ...
> >
> > > (and likely call it "external" instead of "untrusted".
> >
> > Which is not okay. 'External' to what? 'untrusted' has been carefully
> > chosen by the meaning of it.
> > What external does mean for M.2. WWAN card in my laptop? It's in ACPI
> > tables, but I can replace it.
>
> Then your ACPI tables should show this, there is an attribute for it,
> right?
There is a _PLD() method, but it's for the USB devices (or optional
for others, I don't remember by heart). So, most of the ACPI tables,
alas, don't show this.
> > This is only one example. Or if firmware of some device is altered,
> > and it's internal (whatever it means) is it trusted or not?
>
> That is what people are using policy for today, if you object to this,
> please bring it up to those developers :)
> > So, please leave it as is (I mean name).
>
> firmware today exports this attribute, why do you not want userspace to
> also know it?
>
> Trust is different, yes, don't get the two mixed up please. That should
> be a different sysfs attribute for obvious reasons.
Yes, as a bottom line that's what I meant as well.
--
With Best Regards,
Andy Shevchenko