Re: [PATCH V3 1/2] PCI: Allow drivers to request exclusive config regions
From: Greg Kroah-Hartman
Date: Tue Sep 27 2022 - 03:27:26 EST
On Mon, Sep 26, 2022 at 02:57:10PM -0700, ira.weiny@xxxxxxxxx wrote:
> From: Ira Weiny <ira.weiny@xxxxxxxxx>
>
> PCI config space access from user space has traditionally been
> unrestricted with writes being an understood risk for device operation.
>
> Unfortunately, device breakage or odd behavior from config writes lacks
> indicators that can leave driver writers confused when evaluating
> failures. This is especially true with the new PCIe Data Object
> Exchange (DOE) mailbox protocol where backdoor shenanigans from user
> space through things such as vendor defined protocols may affect device
> operation without complete breakage.
>
> A prior proposal restricted read and writes completely.[1] Greg and
> Bjorn pointed out that proposal is flawed for a couple of reasons.
> First, lspci should always be allowed and should not interfere with any
> device operation. Second, setpci is a valuable tool that is sometimes
> necessary and it should not be completely restricted.[2] Finally
> methods exist for full lock of device access if required.
>
> Even though access should not be restricted it would be nice for driver
> writers to be able to flag critical parts of the config space such that
> interference from user space can be detected.
>
> Introduce pci_request_config_region_exclusive() to mark exclusive config
> regions. Such regions trigger a warning and kernel taint if accessed
> via user space.
>
> Create pci_warn_once() to restrict the user from spamming the log.
>
> [1] https://lore.kernel.org/all/161663543465.1867664.5674061943008380442.stgit@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
> [2] https://lore.kernel.org/all/YF8NGeGv9vYcMfTV@xxxxxxxxx/
>
> Cc: Bjorn Helgaas <bhelgaas@xxxxxxxxxx>
> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>
> Suggested-by: Dan Williams <dan.j.williams@xxxxxxxxx>
> Signed-off-by: Ira Weiny <ira.weiny@xxxxxxxxx>
Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>