Re: [PATCH 2/2] pci: Add parameter to disable attaching untrusted devices
From: Greg Kroah-Hartman
Date: Sat Jun 27 2020 - 01:02:31 EST

On Fri, Jun 26, 2020 at 11:53:34AM -0700, Rajat Jain wrote:
> a) I think what was decided was introducing a device core "location"
> property that can be exposed to userspace to help it to decide whether
> or not to attach a driver to a device. Yes, that is still the plan.

Great, but this patch ignores that and starts to add policy :(

> (Mild sidenote: userspace may not need to distinguish between internal
> and external devices if it can assume that no internal PCI devices
> will show up after "echo 0 > /sys/bus/pci/drivers_autoprobe". But
> nevertheless...)

It can not assume that.

> b) Note that even with (a) in place, we still need a parameter that
> can ensure that drivers are not bound to external devices at boot,
> *before* userspace gets a chance to disable "drivers_autoprobe".

Why do you think you need that? I kind of doubt you really want this,
but ick, if you really do, make it a policy decision that you bake into
the kernel as a build option, so that no one else has to use it :)

> https://lkml.org/lkml/2020/6/15/1453

Ick, please use lore.kernel.org, we don't control lkml.org and it's not
all that reliable.

> Is it OK to add such a parameter in device core?

You don't have internal/external/wherever in the driver core yet, so
don't start adding policy before you get that...

thanks,
greg k-h