linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jason Gunthorpe <jgg@nvidia.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Saeed Mahameed <saeed@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
	linux-kernel@vger.kernel.org, Leon Romanovsky <leonro@nvidia.com>,
	Jiri Pirko <jiri@nvidia.com>, Saeed Mahameed <saeedm@nvidia.com>
Subject: Re: [PATCH 0/5] mlx5 ConnectX diagnostic misc driver
Date: Wed, 18 Oct 2023 09:00:25 -0300	[thread overview]
Message-ID: <20231018120025.GQ3952@nvidia.com> (raw)
In-Reply-To: <2023101858-underwire-donated-3ae9@gregkh>

On Wed, Oct 18, 2023 at 10:31:23AM +0200, Greg Kroah-Hartman wrote:
> On Wed, Oct 18, 2023 at 01:19:36AM -0700, Saeed Mahameed wrote:
> > Historically a userspace program was used that accessed the PCI register
> > and config space directly through /sys/bus/pci/.../XXX and could operate
> > these debugging interfaces in parallel with the running driver.
> > This approach is incompatible with secure boot and kernel lockdown so this
> > driver provides a secure and restricted interface to that.
> 
> Why not just write a UIO driver for this hardware then?

The old mechanism relied on direct config space and sometimes mmio
access to the PCI device. We did a security analysis and concluded
that approach could not provide the required security for what our
customers want from the secure boot and lockdown modes. We cannot
allow a lockdown userspace direct access to those device registers.

So, it was redesigned to be RPC driven instead of having direct HW
access. The RPCs allow the device to provide the required level of
security.

This new misc driver does not expose any HW registers or interrupts to
userspace, so it does not seem like a fit for UIO.

Jason

  reply	other threads:[~2023-10-18 12:39 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-10-18  8:19 [PATCH 0/5] mlx5 ConnectX diagnostic misc driver Saeed Mahameed
2023-10-18  8:19 ` [PATCH 1/5] mlx5: Add aux dev for ctl interface Saeed Mahameed
2023-10-18  8:19 ` [PATCH 2/5] misc: mlx5ctl: Add mlx5ctl misc driver Saeed Mahameed
2023-10-18  8:30   ` Greg Kroah-Hartman
2023-10-18  8:49     ` Leon Romanovsky
2023-10-18  8:55       ` Greg Kroah-Hartman
2023-10-18 10:00         ` Leon Romanovsky
2023-10-18 11:52           ` Greg Kroah-Hartman
2023-10-18 18:01     ` Jason Gunthorpe
2023-10-18 18:22       ` Greg Kroah-Hartman
2023-10-18 18:56         ` Jason Gunthorpe
2023-10-19 17:21           ` Greg Kroah-Hartman
2023-10-19 19:00             ` Jason Gunthorpe
2023-10-19 19:46               ` Greg Kroah-Hartman
2023-10-19 23:49                 ` Jason Gunthorpe
2023-10-20 20:17                   ` Greg Kroah-Hartman
2023-10-19 21:50             ` Dual licensing [was: [PATCH 2/5] misc: mlx5ctl: Add mlx5ctl misc driver] Jonathan Corbet
2023-10-20 19:30               ` Dave Airlie
2023-10-20 20:07               ` Greg Kroah-Hartman
2023-10-18  8:30   ` [PATCH 2/5] misc: mlx5ctl: Add mlx5ctl misc driver Greg Kroah-Hartman
2023-10-18  8:19 ` [PATCH 3/5] misc: mlx5ctl: Add info ioctl Saeed Mahameed
2023-10-18  9:02   ` Arnd Bergmann
2023-10-18 10:08     ` Leon Romanovsky
2023-10-18 11:02       ` Arnd Bergmann
2023-10-22  1:46   ` kernel test robot
2023-10-22 11:27   ` kernel test robot
2023-10-18  8:19 ` [PATCH 4/5] misc: mlx5ctl: Add command rpc ioctl Saeed Mahameed
2023-10-18  8:19 ` [PATCH 5/5] misc: mlx5ctl: Add umem reg/unreg ioctl Saeed Mahameed
2023-10-18  8:33   ` Greg Kroah-Hartman
2023-11-19  9:49     ` Saeed Mahameed
2023-10-18  9:30   ` Arnd Bergmann
2023-10-18 11:51     ` Jason Gunthorpe
2023-11-19  9:44     ` Saeed Mahameed
2023-10-18  8:31 ` [PATCH 0/5] mlx5 ConnectX diagnostic misc driver Greg Kroah-Hartman
2023-10-18 12:00   ` Jason Gunthorpe [this message]
2023-10-18 12:11     ` Greg Kroah-Hartman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231018120025.GQ3952@nvidia.com \
    --to=jgg@nvidia.com \
    --cc=arnd@arndb.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=jiri@nvidia.com \
    --cc=leonro@nvidia.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=saeed@kernel.org \
    --cc=saeedm@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).