From: Allen <allen.lkml@gmail.com>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: linux-pci@vger.kernel.org, bhelgaas@google.com, ast@kernel.org,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Allen Pais <apais@linux.microsoft.com>,
Allen Pais <allen.pais@lkml.com>
Subject: Re: [RFC] PCI: allow sysfs file owner to read the config space with CAP_SYS_RAWIO
Date: Mon, 19 Oct 2020 18:30:16 +0530 [thread overview]
Message-ID: <CAOMdWSJDJ-uXpis1WbG3LnOG7bMiif5Q4Maafv_a=55Y_qypfQ@mail.gmail.com> (raw)
In-Reply-To: <20201016062027.GB569795@kroah.com>
> >
> > Access to pci config space is explictly checked with CAP_SYS_ADMIN
> > in order to read configuration space past the frist 64B.
> >
> > Since the path is only for reading, could we use CAP_SYS_RAWIO?
>
> Why? What needs this reduced capability?
Thanks for the review.
We need read access to /sys/bus/pci/devices/, We need write access to config,
remove, rescan & enable files under the device directory for each PCIe
functions & the downstream PCIe port.
We need r/w access to sysfs to unbind and rebind the root complex.
>
> > This patch contains a simpler fix, I would love to hear from the
> > Maintainers on the approach.
> >
> > The other approach that I considered was to introduce and API
> > which would check for multiple capabilities, something similar to
> > perfmon_capable()/bpf_capable(). But I could not find more users
> > for the API and hence dropped it.
> >
> > The problem I am trying to solve is to avoid handing out
> > CAP_SYS_ADMIN for extended reads of the PCI config space.
>
> Who is reading this config space that doesn't have admin rights? And
> what are they doing with it?
>
> One big problem is that some devices will crash if you do this wrong,
> which is why we restricted it to root. Hopefully all of those devices
> are now gone, but I don't think you can count on it.
>
> The "guaranteed safe" fields in the config space are already exported by
> sysfs for all users to read, are they not sufficient?
>
> thanks,
>
> greg k-h
--
- Allen
next prev parent reply other threads:[~2020-10-19 13:00 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-16 5:52 [RFC] PCI: allow sysfs file owner to read the config space with CAP_SYS_RAWIO Allen Pais
2020-10-16 6:20 ` Greg KH
2020-10-19 13:00 ` Allen [this message]
2020-10-19 13:16 ` Greg KH
2020-10-19 13:21 ` Allen
2020-10-19 13:47 ` Greg KH
2020-10-19 14:32 ` Allen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAOMdWSJDJ-uXpis1WbG3LnOG7bMiif5Q4Maafv_a=55Y_qypfQ@mail.gmail.com' \
--to=allen.lkml@gmail.com \
--cc=allen.pais@lkml.com \
--cc=apais@linux.microsoft.com \
--cc=ast@kernel.org \
--cc=bhelgaas@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.