From: Arnd Bergmann <arnd@arndb.de>
To: John Calixto <john.calixto@modsystems.com>
Cc: linux-mmc@vger.kernel.org,
"Andrei Warkentin" <andreiw@motorola.com>,
"Michał Mirosław" <mirqus@gmail.com>,
"Chris Ball" <cjb@laptop.org>
Subject: Re: [PATCH v7] mmc: Add mmc CMD+ACMD passthrough ioctl
Date: Tue, 26 Apr 2011 16:14:35 +0200 [thread overview]
Message-ID: <201104261614.35455.arnd@arndb.de> (raw)
In-Reply-To: <alpine.DEB.2.00.1104211743210.3919@peruna>
On Friday 22 April 2011, John Calixto wrote:
> Allows appropriately-privileged applications to send CMD (normal) and
> ACMD (application-specific; preceded with CMD55) commands to
> cards/devices on the mmc bus. This is primarily useful for enabling the
> security functionality built in to every SD card.
>
> It can also be used as a generic passthrough (e.g. to enable virtual
> machines to control mmc bus devices directly). However, this use case
> has not been tested rigorously. Generic passthrough testing was only
> conducted for a few non-security opcodes to prove the feasibility of the
> passthrough.
>
> Since any opcode can be sent using this passthrough, it is very possible
> to render the card/device unusable. Applications that use this ioctl
> must have CAP_SYS_RAWIO.
>
> Security commands tested on TI PCIxx12 (SDHCI), Sigma Designs SMP8652
> SoC, TI OMAP3621 SoC, TI OMAP3630 SoC, Samsung S5PC110 SoC, Qualcomm
> MSM7200A SoC.
>
> Signed-off-by: John Calixto <john.calixto@modsystems.com>
> Reviewed-by: Andrei Warkentin <andreiw@motorola.com>
The implementation looks good to me now,
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
I'll leave the final decision whether this is a good feature to have
to Chris. I still believe that we should have per-command ioctls
for the security feature, but getting there would require someone
to implement it, and I'm not going to do that.
Arnd
next prev parent reply other threads:[~2011-04-26 14:14 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-22 0:41 v7 changelog for mmc ioctl patch John Calixto
2011-04-22 0:44 ` [PATCH v7] mmc: Add mmc CMD+ACMD passthrough ioctl John Calixto
2011-04-22 1:28 ` John Calixto
2011-04-26 14:14 ` Arnd Bergmann [this message]
2011-04-26 22:28 ` John Calixto
2011-04-26 22:36 ` Chris Ball
2011-04-26 23:08 ` John Calixto
2011-04-29 18:18 ` Chris Ball
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201104261614.35455.arnd@arndb.de \
--to=arnd@arndb.de \
--cc=andreiw@motorola.com \
--cc=cjb@laptop.org \
--cc=john.calixto@modsystems.com \
--cc=linux-mmc@vger.kernel.org \
--cc=mirqus@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.