RE: [PATCH V3 0/2] CXL: Taint user access to DOE mailbox config space

From: Dan Williams
Date: Fri Oct 21 2022 - 19:33:18 EST


ira.weiny@ wrote:
> From: Ira Weiny <ira.weiny@xxxxxxxxx>
>
> Changes from V2
> Incorporate feedback from Greg and Jonathan
>
> Changes from V1
> Incorporate feedback from Dan and Greg.
>
> PCI config space access from user space has traditionally been unrestricted
> with writes being an understood risk for device operation.
>
> Unfortunately, device breakage or odd behavior from config writes lacks
> indicators that can leave driver writers confused when evaluating failures.
> This is especially true with the new PCIe Data Object Exchange (DOE) mailbox
> protocol where backdoor shenanigans from user space through things such as
> vendor defined protocols may affect device operation without complete breakage.
>
> Even though access should not be restricted it would be nice for driver writers
> to be able to flag critical parts of the config space such that interference
> from user space can be detected.
>
> Introduce pci_request_config_region_exclusive() and use it in the CXL driver
> for DOE config space.
>
> Ira Weiny (2):
> PCI: Allow drivers to request exclusive config regions
> cxl/doe: Request exclusive DOE access
>
> drivers/cxl/pci.c | 5 +++++
> drivers/pci/pci-sysfs.c | 7 +++++++
> drivers/pci/probe.c | 6 ++++++
> include/linux/ioport.h | 2 ++
> include/linux/pci.h | 17 +++++++++++++++++
> include/uapi/linux/pci_regs.h | 1 +
> kernel/resource.c | 13 ++++++++-----
> 7 files changed, 46 insertions(+), 5 deletions(-)
>
>
> base-commit: f76349cf41451c5c42a99f18a9163377e4b364ff

Applied for v6.2. I am not a huge fan of the driver_exclusive_resource
naming since it leaves out the configuration address space aspect.
However, any other naming I can think of confuses it with the
traditional PCI device resources which do more than just host
exclusions.