From: Ben Hutchings <bhutchings@solarflare.com>
To: netdev <netdev@vger.kernel.org>
Subject: [RFC] Restricting MDIO reads
Date: Thu, 11 Jun 2009 17:04:07 +0100 [thread overview]
Message-ID: <1244736247.2785.35.camel@achroite> (raw)
Currently most drivers[1] that support the "MII" ioctls allow all users
to read MDIO registers, while MDIO writes require CAP_NET_ADMIN.
However, some MDIO registers and register bits have read-to-clear (latch
high, latch low or non-rollover) or multi-word latching semantics[2].
So reading from them may interfere with the driver or other users and
should also require CAP_NET_ADMIN.
It's not clear to me just which registers should be safe to read, and
this can vary between PHYs. I think the correct thing to do is either
to restrict all MDIO reads or to whitelist standard-defined safe
registers.
Which applications, if any, depend on performing MDIO reads as an
unprivileged user? Which registers do they expect to read?
Ben.
[1]
These generic implementations allow reads by all users:
mdio, mii, pci-skeleton, phylib
These full drivers allow reads by all users:
3c574_cs, axnet_cs, bnx2, bnx2x, cassini, emac, natsemi, pcnet_cs,
r8169, sis900, skge, sky2, sungem, tg3, tlan, tulip, xirc2ps_cs,
yellowfin
(This excludes drivers that simulate MDIO reads.)
These require CAP_NET_ADMIN for reads:
amd8111e, atl1, atl1e, atl2, igb, via-velocity
[2]
At least the following register bits are defined as having read-to-clear
or multi-word latching semantics:
c22: 1.2:1, 1.4
c28: 6.1, 6.4
c33: 12.12:7
c37: 6.1
c40: 10.15
c45: 1.1.2, 1.8.11:10, 1.33.12, 1.33.14, 1.36.15:0, 1.99.15:12, 2.1.2,
2.1.7, 2.33.7:0, 2.33.11:9, 3.1.2, 3.8.11:10, 3.33.15:0, 3.66.15:0,
3.67.15:0, 3.69.15:0, 3.70.15:0, 3.71.15:0, 3.72.15:0, 3.73.15:0, 4.1.2,
4.8.11:10, 5.1.0, 5.1.2, 5.8.11:10, 6.17.1:0, 6.24.15:0, 6.25.15:0,
6.25.16:0, 7.1.2, 7.1.4, 7.1.6, 7.33.15, 29.9.15:0, 29.10.15:0,
29.11.15:0
Any reserved bits and vendor-defined registers may also have such
semantics.
--
Ben Hutchings, Senior Software Engineer, Solarflare Communications
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
next reply other threads:[~2009-06-11 16:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-06-11 16:04 Ben Hutchings [this message]
2009-06-12 4:00 ` [RFC] Restricting MDIO reads David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1244736247.2785.35.camel@achroite \
--to=bhutchings@solarflare.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.