From: Mika Westerberg <mika.westerberg-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
To: "Rafael J. Wysocki" <rafael-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: Alex Williamson
<alex.williamson-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Raj, Ashok" <ashok.raj-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
Mario Limonciello
<Mario.Limonciello-8PEkshWhKlo@public.gmane.org>,
Michael Jamet
<michael.jamet-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
ckellner-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
"Rafael J. Wysocki" <rjw-LthD3rsA81gm4RdzfppkhA@public.gmane.org>,
Yehezkel Bernat
<YehezkelShB-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Anthony Wong
<anthony.wong-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>,
Andreas Noever
<andreas.noever-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
"open list:AMD IOMMU (AMD-VI)"
<iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
Lukas Wunner <lukas-JFq808J9C/izQB+pC5nmwQ@public.gmane.org>,
"Pan,
Jacob jun"
<jacob.jun.pan-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
Linux PCI <linux-pci-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Bjorn Helgaas <bhelgaas-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
ACPI Devel Maling List
<linux-acpi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
David Woodhouse <dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
Linux Kernel Mailing List
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PATCH v2 1/4] PCI / ACPI: Identify untrusted PCI devices
Date: Wed, 28 Nov 2018 12:54:15 +0200 [thread overview]
Message-ID: <20181128105415.GV2296@lahna.fi.intel.com> (raw)
In-Reply-To: <CAJZ5v0he4BmyJ97=uwVpJtojhe0f5pTq81LBdAQG6RFy6edKrQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
On Tue, Nov 27, 2018 at 06:14:43PM +0100, Rafael J. Wysocki wrote:
> > diff --git a/drivers/acpi/property.c b/drivers/acpi/property.c
> > index 8c7c4583b52d..4bdad32f62c8 100644
> > --- a/drivers/acpi/property.c
> > +++ b/drivers/acpi/property.c
> > @@ -31,6 +31,9 @@ static const guid_t prp_guids[] = {
> > /* Hotplug in D3 GUID: 6211e2c0-58a3-4af3-90e1-927a4e0c55a4 */
> > GUID_INIT(0x6211e2c0, 0x58a3, 0x4af3,
> > 0x90, 0xe1, 0x92, 0x7a, 0x4e, 0x0c, 0x55, 0xa4),
> > + /* External facing port GUID: efcc06cc-73ac-4bc3-bff0-76143807c389 */
> > + GUID_INIT(0xefcc06cc, 0x73ac, 0x4bc3,
> > + 0xbf, 0xf0, 0x76, 0x14, 0x38, 0x07, 0xc3, 0x89),
> > };
>
> One observation here. Note that I really have no strong opinion on
> that, so this is not an objection, but IMO it is fair to make things
> clear for everybody.
>
> So this causes the External facing port GUID (which already is the
> case with the Hotplug in D3 GUID for that matter) to be practically
> equivalent to the ACPI _DSD device properties GUID. This means that
> Linux will consider a combination of any of these GUIDs with any
> properties defined for any of them as valid, which need not be the
> case in Windows.
>
> For example, since the ExternalFacingPort property is defined along
> with the External facing port GUID, Windows will likely ignore it if
> it is used in a combination with the Hotplug in D3 GUID or the ACPI
> _DSD device properties GUID. If the firmware combines the Hotplug in
> D3 GUID or the ACPI _DSD device properties GUID with that property,
> Windows will not regard it as valid, most likely, but Linux will use
> it just fine. In the face of ASL bugs, which are inevitable (at least
> just because ASL is code written by humans), that may become a real
> problem, as systems successfully tested with Windows may not work with
> Linux as expected and vice versa because of it.
That's a fair point.
> >From the ecosystem purity perspective this should be avoided, but then
> I do realize that this allows code to be re-used and avoids quite a
> bit of complexity. The likelihood of an ASL bug that will expose this
> issue is arguably small, so maybe it is not a practical concern after
> all.
One option assuming we want to prevent the potential discrepancy you
described above is to add ACPI specific property accessors that take
GUID as parameter. Then it would only look properties inside that
particular _DSD entry. I'm not sure if it is worth the added complexity,
though.
WARNING: multiple messages have this Message-ID (diff)
From: Mika Westerberg <mika.westerberg@linux.intel.com>
To: "Rafael J. Wysocki" <rafael@kernel.org>
Cc: "open list:AMD IOMMU (AMD-VI)" <iommu@lists.linux-foundation.org>,
Joerg Roedel <joro@8bytes.org>,
David Woodhouse <dwmw2@infradead.org>,
Lu Baolu <baolu.lu@linux.intel.com>,
"Raj, Ashok" <ashok.raj@intel.com>,
Bjorn Helgaas <bhelgaas@google.com>,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
"Pan, Jacob jun" <jacob.jun.pan@intel.com>,
Andreas Noever <andreas.noever@gmail.com>,
Michael Jamet <michael.jamet@intel.com>,
Yehezkel Bernat <YehezkelShB@gmail.com>,
Lukas Wunner <lukas@wunner.de>,
ckellner@redhat.com,
Mario Limonciello <Mario.Limonciello@dell.com>,
Anthony Wong <anthony.wong@canonical.com>,
Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>,
Christoph Hellwig <hch@infradead.org>,
Alex Williamson <alex.williamson@redhat.com>,
ACPI Devel Maling List <linux-acpi@vger.kernel.org>,
Linux PCI <linux-pci@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2 1/4] PCI / ACPI: Identify untrusted PCI devices
Date: Wed, 28 Nov 2018 12:54:15 +0200 [thread overview]
Message-ID: <20181128105415.GV2296@lahna.fi.intel.com> (raw)
In-Reply-To: <CAJZ5v0he4BmyJ97=uwVpJtojhe0f5pTq81LBdAQG6RFy6edKrQ@mail.gmail.com>
On Tue, Nov 27, 2018 at 06:14:43PM +0100, Rafael J. Wysocki wrote:
> > diff --git a/drivers/acpi/property.c b/drivers/acpi/property.c
> > index 8c7c4583b52d..4bdad32f62c8 100644
> > --- a/drivers/acpi/property.c
> > +++ b/drivers/acpi/property.c
> > @@ -31,6 +31,9 @@ static const guid_t prp_guids[] = {
> > /* Hotplug in D3 GUID: 6211e2c0-58a3-4af3-90e1-927a4e0c55a4 */
> > GUID_INIT(0x6211e2c0, 0x58a3, 0x4af3,
> > 0x90, 0xe1, 0x92, 0x7a, 0x4e, 0x0c, 0x55, 0xa4),
> > + /* External facing port GUID: efcc06cc-73ac-4bc3-bff0-76143807c389 */
> > + GUID_INIT(0xefcc06cc, 0x73ac, 0x4bc3,
> > + 0xbf, 0xf0, 0x76, 0x14, 0x38, 0x07, 0xc3, 0x89),
> > };
>
> One observation here. Note that I really have no strong opinion on
> that, so this is not an objection, but IMO it is fair to make things
> clear for everybody.
>
> So this causes the External facing port GUID (which already is the
> case with the Hotplug in D3 GUID for that matter) to be practically
> equivalent to the ACPI _DSD device properties GUID. This means that
> Linux will consider a combination of any of these GUIDs with any
> properties defined for any of them as valid, which need not be the
> case in Windows.
>
> For example, since the ExternalFacingPort property is defined along
> with the External facing port GUID, Windows will likely ignore it if
> it is used in a combination with the Hotplug in D3 GUID or the ACPI
> _DSD device properties GUID. If the firmware combines the Hotplug in
> D3 GUID or the ACPI _DSD device properties GUID with that property,
> Windows will not regard it as valid, most likely, but Linux will use
> it just fine. In the face of ASL bugs, which are inevitable (at least
> just because ASL is code written by humans), that may become a real
> problem, as systems successfully tested with Windows may not work with
> Linux as expected and vice versa because of it.
That's a fair point.
> >From the ecosystem purity perspective this should be avoided, but then
> I do realize that this allows code to be re-used and avoids quite a
> bit of complexity. The likelihood of an ASL bug that will expose this
> issue is arguably small, so maybe it is not a practical concern after
> all.
One option assuming we want to prevent the potential discrepancy you
described above is to add ACPI specific property accessors that take
GUID as parameter. Then it would only look properties inside that
particular _DSD entry. I'm not sure if it is worth the added complexity,
though.
next prev parent reply other threads:[~2018-11-28 10:54 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-26 11:15 [PATCH v2 0/4] PCI / iommu / thunderbolt: IOMMU based DMA protection Mika Westerberg
2018-11-26 11:15 ` Mika Westerberg
2018-11-26 11:15 ` [PATCH v2 1/4] PCI / ACPI: Identify untrusted PCI devices Mika Westerberg
2018-11-26 11:15 ` Mika Westerberg
[not found] ` <20181126111526.56340-2-mika.westerberg-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2018-11-27 0:17 ` Bjorn Helgaas
2018-11-27 0:17 ` Bjorn Helgaas
[not found] ` <20181127001711.GC212532-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2018-11-27 8:54 ` Mika Westerberg
2018-11-27 8:54 ` Mika Westerberg
2018-11-27 16:49 ` Rafael J. Wysocki
2018-11-27 16:49 ` Rafael J. Wysocki
2018-11-28 20:31 ` Bjorn Helgaas
2018-11-27 17:14 ` Rafael J. Wysocki
2018-11-27 17:14 ` Rafael J. Wysocki
2018-11-27 19:10 ` Mario.Limonciello
2018-11-27 19:10 ` Mario.Limonciello
[not found] ` <CAJZ5v0he4BmyJ97=uwVpJtojhe0f5pTq81LBdAQG6RFy6edKrQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2018-11-28 10:54 ` Mika Westerberg [this message]
2018-11-28 10:54 ` Mika Westerberg
2018-11-28 11:24 ` Rafael J. Wysocki
2018-11-28 11:24 ` Rafael J. Wysocki
2018-11-28 11:39 ` Mika Westerberg
2018-11-28 11:39 ` Mika Westerberg
2018-11-26 11:15 ` [PATCH v2 2/4] iommu/vt-d: Force IOMMU on for platform opt in hint Mika Westerberg
2018-11-26 11:15 ` Mika Westerberg
2018-11-26 11:15 ` [PATCH v2 3/4] iommu/vt-d: Do not enable ATS for untrusted devices Mika Westerberg
2018-11-26 11:15 ` Mika Westerberg
2018-11-26 11:15 ` [PATCH v2 4/4] thunderbolt: Export IOMMU based DMA protection support to userspace Mika Westerberg
2018-11-26 11:15 ` Mika Westerberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181128105415.GV2296@lahna.fi.intel.com \
--to=mika.westerberg-vuqaysv1563yd54fqh9/ca@public.gmane.org \
--cc=Mario.Limonciello-8PEkshWhKlo@public.gmane.org \
--cc=YehezkelShB-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=alex.williamson-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=andreas.noever-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=anthony.wong-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org \
--cc=ashok.raj-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=bhelgaas-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
--cc=ckellner-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=jacob.jun.pan-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=linux-acpi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-pci-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=lukas-JFq808J9C/izQB+pC5nmwQ@public.gmane.org \
--cc=michael.jamet-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=rafael-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=rjw-LthD3rsA81gm4RdzfppkhA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.