linux-pci.vger.kernel.org archive mirror
From: Logan Gunthorpe <logang@deltatee.com>
To: linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org,
	Bjorn Helgaas <bhelgaas@google.com>
Cc: Kelvin.Cao@microchip.com, Eric Pilmore <epilmore@gigaio.com>,
	Doug Meyer <dmeyer@gigaio.com>,
	Kelvin Cao <kelvin.cao@microchip.com>,
	Logan Gunthorpe <logang@deltatee.com>
Subject: [PATCH 10/12] PCI/switchtec: Add permission check for the GAS access MRPC commands
Date: Mon,  6 Jan 2020 12:03:35 -0700
Message-ID: <20200106190337.2428-11-logang@deltatee.com>
In-Reply-To: <20200106190337.2428-1-logang@deltatee.com>

From: Kelvin Cao <kelvin.cao@microchip.com>

GEN4 hardware provides new MRPC commands to read and write
directly from any address in the PCI BAR (which Microsemi refers to
as GAS). Seeing as accessing BAR registers can be dangerous and break
the driver, we don't want unprivileged users to have this ability.

Therefore, for the local and remote GAS access MRPC commands, the
requesting process should need CAP_SYS_ADMIN. Privileged processes
will already have access to the BAR through the sysfs resource file
so this doesn't give userspace any capabilities it didn't already have.

Signed-off-by: Kelvin Cao <kelvin.cao@microchip.com>
[logang@deltatee.com: rework commit message]
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
---
 drivers/pci/switch/switchtec.c | 6 ++++++
 include/linux/switchtec.h      | 5 +++++
 2 files changed, 11 insertions(+)

diff --git a/drivers/pci/switch/switchtec.c b/drivers/pci/switch/switchtec.c
index 524cb4e4bbf7..990e0ee32f7b 100644
--- a/drivers/pci/switch/switchtec.c
+++ b/drivers/pci/switch/switchtec.c
@@ -478,6 +478,12 @@ static ssize_t switchtec_dev_write(struct file *filp, const char __user *data,
 		rc = -EFAULT;
 		goto out;
 	}
+	if (((MRPC_CMD_ID(stuser->cmd) == MRPC_GAS_WRITE) ||
+	     (MRPC_CMD_ID(stuser->cmd) == MRPC_GAS_READ)) &&
+	    !capable(CAP_SYS_ADMIN)) {
+		rc = -EPERM;
+		goto out;
+	}
 
 	data += sizeof(stuser->cmd);
 	rc = copy_from_user(&stuser->data, data, size - sizeof(stuser->cmd));
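
Review bot: capable(CAP_SYS_ADMIN) in switchtec_dev_write() tests the credentials of whichever task is calling write(), not the task that opened the file, so the outcome depends on who ends up holding the descriptor. For a check made inside a write handler the usual kernel practice is to test the opener's credentials, for example file_ns_capable(filp, &init_user_ns, CAP_SYS_ADMIN), or to decide at open time and record the result in stuser. Separately, the commit message says both the local and the remote GAS access commands are gated, but only MRPC_GAS_READ and MRPC_GAS_WRITE are compared here; a short comment above the condition saying how the remote variants map onto these two IDs would make that verifiable.
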
diff --git a/include/linux/switchtec.h b/include/linux/switchtec.h
index e85155244135..1c3e76b535a2 100644
--- a/include/linux/switchtec.h
+++ b/include/linux/switchtec.h
@@ -21,6 +21,11 @@
 #define SWITCHTEC_EVENT_FATAL    BIT(4)
 
 #define SWITCHTEC_DMA_MRPC_EN	BIT(0)
+
+#define MRPC_GAS_READ 0x29
+#define MRPC_GAS_WRITE 0x87
+#define MRPC_CMD_ID(x) ((x) & 0xffff)
+
 enum {
 	SWITCHTEC_GAS_MRPC_OFFSET       = 0x0000,
 	SWITCHTEC_GAS_TOP_CFG_OFFSET    = 0x1000,
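
Review bot: the three new macros in include/linux/switchtec.h (MRPC_GAS_READ, MRPC_GAS_WRITE, MRPC_CMD_ID) drop the SWITCHTEC_ prefix that the neighbouring defines SWITCHTEC_EVENT_FATAL and SWITCHTEC_DMA_MRPC_EN carry, which risks name clashes in a header under include/linux. Consider SWITCHTEC_MRPC_* names, and add a comment on MRPC_CMD_ID() stating what the upper 16 bits of the command word hold, since the permission check in switchtec_dev_write() ignores them when matching.
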
-- 
2.20.1

