Re: [PATCH 03/11] PCI: pci_stub: Suppress kernel DMA ownership auto-claiming
From: Bjorn Helgaas
Date: Mon Nov 15 2021 - 19:07:22 EST
On Mon, Nov 15, 2021 at 10:05:44AM +0800, Lu Baolu wrote:
> pci_stub allows the admin to block driver binding on a device and make
> it permanently shared with userspace. Since pci_stub does not do DMA,
> it is safe.
Can you elaborate on what "permanently shared with userspace" means
here? I assume it's only permanent as long as pci-stub is bound to
the device?
Also, a few words about what "it is safe" means here would be helpful.
> However the admin must understand that using pci_stub allows
> userspace to attack whatever device it was bound to.
The admin isn't going to read this sentence. Should there be a doc
update related to this? What sort of attack does this refer to?
> Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
> ---
> drivers/pci/pci-stub.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/pci/pci-stub.c b/drivers/pci/pci-stub.c
> index e408099fea52..6324c68602b4 100644
> --- a/drivers/pci/pci-stub.c
> +++ b/drivers/pci/pci-stub.c
> @@ -36,6 +36,9 @@ static struct pci_driver stub_driver = {
> .name = "pci-stub",
> .id_table = NULL, /* only dynamic id's */
> .probe = pci_stub_probe,
> + .driver = {
> + .suppress_auto_claim_dma_owner = true,
> + },
> };
>
> static int __init pci_stub_init(void)
> --
> 2.25.1
>