From: "Grumbach, Emmanuel" <emmanuel.grumbach@intel.com>
To: Kalle Valo <kvalo@codeaurora.org>,
Emmanuel Grumbach <egrumbach@gmail.com>
Cc: "Coelho, Luciano" <luciano.coelho@intel.com>,
linux-wireless <linux-wireless@vger.kernel.org>,
"Beker, Ayala" <ayala.beker@intel.com>
Subject: RE: [PATCH v3 4/4] iwlwifi: mvm: add vendor commands needed for iwlmei
Date: Sat, 7 Aug 2021 18:34:34 +0000 [thread overview]
Message-ID: <SA0PR11MB4752D9B34C2A60B85CA3E5F3F2F49@SA0PR11MB4752.namprd11.prod.outlook.com> (raw)
In-Reply-To: <87o8acc8v1.fsf@codeaurora.org>
> > On Thu, Jun 24, 2021 at 8:13 PM Kalle Valo <kvalo@codeaurora.org> wrote:
> >>
> >> Emmanuel Grumbach <emmanuel.grumbach@intel.com> writes:
> >>
> >> > Add the vendor commands that must be used by the network manager
> to
> >> > allow proper operation of iwlmei.
> >> >
> >> > * Send information on the AP CSME is connected to
> >> > * Notify the userspace when roaming is forbidden
> >> > * Allow the userspace to require ownership
> >> >
> >> > Co-Developed-by: Ayala Beker <ayala.beker@intel.com>
> >> > Signed-off-by: Emmanuel Grumbach
> <emmanuel.grumbach@intel.com>
> >> > ---
> >> > drivers/net/wireless/intel/iwlwifi/Kconfig | 11 ++
> >> > .../net/wireless/intel/iwlwifi/mvm/Makefile | 1 +
> >> > .../net/wireless/intel/iwlwifi/mvm/mac80211.c | 2 +
> >> > drivers/net/wireless/intel/iwlwifi/mvm/mvm.h | 9 +-
> >> > .../wireless/intel/iwlwifi/mvm/vendor-cmd.c | 186
> ++++++++++++++++++
> >> > 5 files changed, 203 insertions(+), 6 deletions(-) create mode
> >> > 100644 drivers/net/wireless/intel/iwlwifi/mvm/vendor-cmd.c
> >> >
> >> > diff --git a/drivers/net/wireless/intel/iwlwifi/Kconfig
> >> > b/drivers/net/wireless/intel/iwlwifi/Kconfig
> >> > index 629aaa26a230..f91516d08b28 100644
> >> > --- a/drivers/net/wireless/intel/iwlwifi/Kconfig
> >> > +++ b/drivers/net/wireless/intel/iwlwifi/Kconfig
> >> > @@ -92,11 +92,22 @@ config IWLWIFI_BCAST_FILTERING
> >> > If unsure, don't enable this option, as some programs might
> >> > expect incoming broadcasts for their normal operations.
> >> >
> >> > +config IWLMVM_VENDOR_CMDS
> >> > + bool "Enable vendor commands"
> >> > + depends on IWLMVM
> >> > + help
> >> > + This option enables support for vendor commands, including some
> >> > + that don't have their own Kconfig option. Other Kconfig options
> >> > + depend on this one as well.
> >> > +
> >> > + This is not enabled by default, if unsure, say N.
> >>
> >> Why do we need a new Kconfig option? Why not always include it in the
> >> compilation?
> >
> > I expect 99.9% of the users to want to disable this.VENDOR_CMDS adds a
> > user space API and in a sense, it increases the attack surface. You
> > can claim that I can reuse the IWLMEI Kconfig option, which is true,
> > but we have other features that need VENDOR_CMDS that are not (yet)
> > upstream. So the idea here is that any feature that needs the
> > VENDOR_CMDS will select it and if none of them are enabled (for 99.9%
> > of the use cases), then, we would disable VENDOR_CMDS and decrease
> the
> > attack surface.
> >
> > Makes sense?
>
> How do you prevent users or distros from enabling the feature? They can be
> in a hurry, lazy or not caring and enable the feature anyway. So no, I'm not
> really buying this. If the interface is not secure it should not be in upstream, I
> think only exception to this is the nl80211 testmode interface which is for lab
> or similar use.
>
So what do you want?
To make it depend on IWLMEI Kconfig knob and not add the VENDOR_CMDS one?
Fine.
next prev parent reply other threads:[~2021-08-07 18:34 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-23 14:10 [PATCH v3 1/4] iwlwifi: mei: add the driver to allow cooperation with CSME Emmanuel Grumbach
2021-06-23 14:10 ` [PATCH v3 2/4] iwlwifi: integrate with iwlmei Emmanuel Grumbach
2021-06-23 19:49 ` kernel test robot
2021-06-23 19:49 ` [PATCH] iwlwifi: fix semicolon.cocci warnings kernel test robot
2021-06-23 14:10 ` [PATCH v3 3/4] nl80211: vendor-cmd: add Intel vendor commands for iwlmei usage Emmanuel Grumbach
2021-06-24 12:45 ` Johannes Berg
2021-06-24 12:51 ` Emmanuel Grumbach
2021-06-24 17:07 ` Kalle Valo
2021-06-24 19:56 ` Emmanuel Grumbach
2021-08-05 13:25 ` Kalle Valo
2021-08-07 18:32 ` Grumbach, Emmanuel
2021-10-18 11:25 ` Kalle Valo
2021-06-23 14:10 ` [PATCH v3 4/4] iwlwifi: mvm: add vendor commands needed for iwlmei Emmanuel Grumbach
2021-06-24 17:08 ` Kalle Valo
2021-06-24 19:59 ` Emmanuel Grumbach
2021-08-05 13:35 ` Kalle Valo
2021-08-07 18:34 ` Grumbach, Emmanuel [this message]
2021-10-18 11:27 ` Kalle Valo
2021-06-24 17:16 ` [PATCH v3 1/4] iwlwifi: mei: add the driver to allow cooperation with CSME Kalle Valo
2021-06-24 20:04 ` Emmanuel Grumbach
2021-08-05 13:38 ` Kalle Valo
2021-08-07 18:38 ` Grumbach, Emmanuel
2021-08-09 7:49 ` Arend van Spriel
2021-08-09 19:25 ` Grumbach, Emmanuel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SA0PR11MB4752D9B34C2A60B85CA3E5F3F2F49@SA0PR11MB4752.namprd11.prod.outlook.com \
--to=emmanuel.grumbach@intel.com \
--cc=ayala.beker@intel.com \
--cc=egrumbach@gmail.com \
--cc=kvalo@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
--cc=luciano.coelho@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.