linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Kuppuswamy Sathyanarayanan  <sathyanarayanan.kuppuswamy@linux.intel.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Borislav Petkov <bp@alien8.de>
Cc: x86@kernel.org, Bjorn Helgaas <bhelgaas@google.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	Andreas Noever <andreas.noever@gmail.com>,
	"Michael S . Tsirkin" <mst@redhat.com>,
	Michael Jamet <michael.jamet@intel.com>,
	Yehezkel Bernat <YehezkelShB@gmail.com>,
	"Rafael J . Wysocki" <rafael@kernel.org>,
	Mika Westerberg <mika.westerberg@linux.intel.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Jason Wang <jasowang@redhat.com>,
	Dan Williams <dan.j.williams@intel.com>,
	Andi Kleen <ak@linux.intel.com>,
	Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
	linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org,
	linux-usb@vger.kernel.org,
	virtualization@lists.linux-foundation.org
Subject: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
Date: Wed, 29 Sep 2021 18:05:07 -0700	[thread overview]
Message-ID: <20210930010511.3387967-3-sathyanarayanan.kuppuswamy@linux.intel.com> (raw)
In-Reply-To: <20210930010511.3387967-1-sathyanarayanan.kuppuswamy@linux.intel.com>

While the common case for device-authorization is to skip probe of
unauthorized devices, some buses may still want to emit a message on
probe failure (Thunderbolt), or base probe failures on the
authorization status of a related device like a parent (USB). So add
an option (has_probe_authorization) in struct bus_type for the bus
driver to own probe authorization policy.

Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
---
 drivers/base/dd.c            | 5 +++++
 drivers/thunderbolt/domain.c | 1 +
 drivers/usb/core/driver.c    | 1 +
 include/linux/device/bus.h   | 4 ++++
 4 files changed, 11 insertions(+)

diff --git a/drivers/base/dd.c b/drivers/base/dd.c
index 68ea1f949daa..0cd03ac7d3b1 100644
--- a/drivers/base/dd.c
+++ b/drivers/base/dd.c
@@ -544,6 +544,11 @@ static int really_probe(struct device *dev, struct device_driver *drv)
 			   !drv->suppress_bind_attrs;
 	int ret;
 
+	if (!dev->authorized && !dev->bus->has_probe_authorization) {
+		dev_dbg(dev, "Device is not authorized\n");
+		return -ENODEV;
+	}
+
 	if (defer_all_probes) {
 		/*
 		 * Value of defer_all_probes can be set only by
diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c
index 3e39686eff14..6de8a366b796 100644
--- a/drivers/thunderbolt/domain.c
+++ b/drivers/thunderbolt/domain.c
@@ -321,6 +321,7 @@ struct bus_type tb_bus_type = {
 	.probe = tb_service_probe,
 	.remove = tb_service_remove,
 	.shutdown = tb_service_shutdown,
+	.has_probe_authorization = true,
 };
 
 static void tb_domain_release(struct device *dev)
diff --git a/drivers/usb/core/driver.c b/drivers/usb/core/driver.c
index fb476665f52d..f57b5a7a90ca 100644
--- a/drivers/usb/core/driver.c
+++ b/drivers/usb/core/driver.c
@@ -2028,4 +2028,5 @@ struct bus_type usb_bus_type = {
 	.match =	usb_device_match,
 	.uevent =	usb_uevent,
 	.need_parent_lock =	true,
+	.has_probe_authorization = true,
 };
diff --git a/include/linux/device/bus.h b/include/linux/device/bus.h
index 062777a45a74..571a2f6e7c1d 100644
--- a/include/linux/device/bus.h
+++ b/include/linux/device/bus.h
@@ -69,6 +69,9 @@ struct fwnode_handle;
  * @lock_key:	Lock class key for use by the lock validator
  * @need_parent_lock:	When probing or removing a device on this bus, the
  *			device core should lock the device's parent.
+ * @has_probe_authorization: Set true to indicate to the driver-core to skip
+ *			     the authorization checks and let bus drivers
+ *			     handle it locally.
  *
  * A bus is a channel between the processor and one or more devices. For the
  * purposes of the device model, all devices are connected via a bus, even if
@@ -112,6 +115,7 @@ struct bus_type {
 	struct lock_class_key lock_key;
 
 	bool need_parent_lock;
+	bool has_probe_authorization;
 };
 
 extern int __must_check bus_register(struct bus_type *bus);
-- 
2.25.1


  parent reply	other threads:[~2021-09-30  1:05 UTC|newest]

Thread overview: 75+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-30  1:05 [PATCH v2 0/6] Add device filter support Kuppuswamy Sathyanarayanan
2021-09-30  1:05 ` [PATCH v2 1/6] driver core: Move the "authorized" attribute from USB/Thunderbolt to core Kuppuswamy Sathyanarayanan
2021-09-30  1:42   ` Alan Stern
2021-09-30  1:55     ` Dan Williams
2021-09-30  2:38       ` Kuppuswamy, Sathyanarayanan
2021-09-30  4:59         ` Dan Williams
2021-09-30  9:05           ` Rafael J. Wysocki
2021-09-30 14:59       ` Alan Stern
2021-09-30 15:25         ` Dan Williams
2021-09-30 11:19   ` Yehezkel Bernat
2021-09-30 15:28     ` Dan Williams
2021-09-30 18:25       ` Yehezkel Bernat
2021-09-30 19:04         ` Dan Williams
2021-09-30 19:50           ` Kuppuswamy, Sathyanarayanan
2021-09-30 20:23             ` Dan Williams
2021-09-30  1:05 ` Kuppuswamy Sathyanarayanan [this message]
2021-09-30 10:59   ` [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices Michael S. Tsirkin
2021-09-30 13:52     ` Greg Kroah-Hartman
2021-09-30 14:38       ` Michael S. Tsirkin
2021-09-30 14:49         ` Greg Kroah-Hartman
2021-09-30 15:00           ` Michael S. Tsirkin
2021-09-30 15:22             ` Greg Kroah-Hartman
2021-09-30 17:17               ` Andi Kleen
2021-09-30 17:23                 ` Greg Kroah-Hartman
2021-09-30 19:15                   ` Andi Kleen
2021-10-01  6:29                     ` Greg Kroah-Hartman
2021-10-01 15:51                       ` Alan Stern
2021-10-01 15:56                         ` Andi Kleen
2021-09-30 14:43       ` Alan Stern
2021-09-30 14:48         ` Michael S. Tsirkin
2021-09-30 15:32           ` Alan Stern
2021-09-30 15:52             ` Michael S. Tsirkin
2021-09-30 14:58         ` Michael S. Tsirkin
2021-09-30 15:35           ` Alan Stern
2021-09-30 15:59             ` Michael S. Tsirkin
2021-09-30 19:23               ` Andi Kleen
2021-09-30 20:44                 ` Alan Stern
2021-09-30 20:52                   ` Dan Williams
2021-10-01  1:41                     ` Alan Stern
2021-10-01  2:20                       ` Dan Williams
2021-09-30 21:12                   ` Andi Kleen
2021-09-30  1:05 ` [PATCH v2 3/6] driver core: Allow arch to initialize the authorized attribute Kuppuswamy Sathyanarayanan
2021-09-30  1:05 ` [PATCH v2 4/6] virtio: Initialize authorized attribute for confidential guest Kuppuswamy Sathyanarayanan
2021-09-30 11:03   ` Michael S. Tsirkin
2021-09-30 13:36     ` Dan Williams
2021-09-30 13:49       ` Greg Kroah-Hartman
2021-09-30 15:18       ` Kuppuswamy, Sathyanarayanan
2021-09-30 15:20         ` Michael S. Tsirkin
2021-09-30 15:23           ` Kuppuswamy, Sathyanarayanan
2021-09-30 15:23         ` Greg Kroah-Hartman
2021-09-30 19:04           ` Kuppuswamy, Sathyanarayanan
2021-09-30 19:16             ` Kuppuswamy, Sathyanarayanan
2021-09-30 19:30             ` Andi Kleen
2021-09-30 19:40               ` Kuppuswamy, Sathyanarayanan
2021-10-01  7:03             ` Greg Kroah-Hartman
2021-10-01 15:49               ` Andi Kleen
2021-10-02 11:04                 ` Michael S. Tsirkin
2021-10-02 11:14                   ` Greg Kroah-Hartman
2021-10-02 14:20                     ` Andi Kleen
2021-10-02 14:44                       ` Greg Kroah-Hartman
2021-10-02 18:40                       ` Michael S. Tsirkin
2021-10-03  6:40                         ` Greg Kroah-Hartman
2021-10-04 21:04                       ` Dan Williams
2021-10-01 16:13               ` Dan Williams
2021-10-01 16:45                 ` Alan Stern
2021-10-01 18:09                   ` Dan Williams
2021-10-01 19:00                     ` Alan Stern
2021-10-01 19:45                       ` Kuppuswamy, Sathyanarayanan
2021-10-01 19:57                       ` Dan Williams
2021-10-04  5:16                         ` Mika Westerberg
2021-10-05 22:33                           ` Dan Williams
2021-10-06  5:45                             ` Greg Kroah-Hartman
2021-09-30 19:25         ` Andi Kleen
2021-09-30  1:05 ` [PATCH v2 5/6] x86/tdx: Add device filter support for x86 TDX guest platform Kuppuswamy Sathyanarayanan
2021-09-30  1:05 ` [PATCH v2 6/6] PCI: Initialize authorized attribute for confidential guest Kuppuswamy Sathyanarayanan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210930010511.3387967-3-sathyanarayanan.kuppuswamy@linux.intel.com \
    --to=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=YehezkelShB@gmail.com \
    --cc=ak@linux.intel.com \
    --cc=andreas.noever@gmail.com \
    --cc=bhelgaas@google.com \
    --cc=bp@alien8.de \
    --cc=corbet@lwn.net \
    --cc=dan.j.williams@intel.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=jasowang@redhat.com \
    --cc=knsathya@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=linux-usb@vger.kernel.org \
    --cc=michael.jamet@intel.com \
    --cc=mika.westerberg@linux.intel.com \
    --cc=mingo@redhat.com \
    --cc=mst@redhat.com \
    --cc=rafael@kernel.org \
    --cc=tglx@linutronix.de \
    --cc=virtualization@lists.linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).