From: Jerry Hoemann <jerry.hoemann@hpe.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: Ross Zwisler <ross.zwisler@linux.intel.com>,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
Len Brown <lenb@kernel.org>,
"Elliott, Robert (Persistent Memory)" <elliott@hpe.com>,
jmoyer <jmoyer@redhat.com>,
Dmitry Krivenok <krivenok.dmitry@gmail.com>,
Linda Knippers <linda.knippers@hpe.com>,
Robert Moore <robert.moore@intel.com>,
Lv Zheng <lv.zheng@intel.com>,
Rafael J Wysocki <rafael.j.wysocki@intel.com>,
"linux-nvdimm@lists.01.org" <linux-nvdimm@lists.01.org>,
Linux ACPI <linux-acpi@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v5 0/6] nvdimm: Add an IOCTL pass thru for DSM calls
Date: Mon, 11 Jan 2016 18:32:59 -0700 [thread overview]
Message-ID: <20160112013259.GC79247@tevye.fc.hp.com> (raw)
In-Reply-To: <CAPcyv4h+R4Aa7Zu3qWfmWwk6SWt22wuOowJvtpFhVUCdamTWDA@mail.gmail.com>
On Sun, Jan 10, 2016 at 04:03:18PM -0800, Dan Williams wrote:
> On Wed, Jan 6, 2016 at 3:58 PM, Dan Williams <dan.j.williams@intel.com>wrote:
> > On Wed, Jan 6, 2016 at 3:03 PM, Jerry Hoemann <jerry.hoemann@hpe.com> wrote:
> [..]
> >> Jerry Hoemann (6):
> >> ACPI / util: Fix acpi_evaluate_dsm() argument type
> >> nvdimm: Clean-up access mode check.
> >> nvdimm: Add wrapper for IOCTL pass thru
> >> nvdimm: Fix security issue with DSM IOCTL.
> >> nvdimm: Increase max envelope size for IOCTL
> >> nvdimm: Add IOCTL pass thru functions
> >
> > These look good to me.
> >
> > I'll tag "nvdimm: Fix security issue with DSM IOCTL." for -stable.
> >
> > Thanks Jerry!
>
> I went to go write a test / support in ndctl for these and noticed a
> few things I want to address before merging.
>
> 1/ Advertise 'call_dsm' as a supported command alongside the others.
In sysfs? okay that makes sense.
>
> 2/ Disallow potentially invalid calls to reach firmware. At a minimum
> the kernel needs to know the uuid in advance for any dsm it wants to
> send. I.e. check the 'dsm_fun_idx' against the dsm_mask. This is
> also important for making sure the kernel can manage exclusive access
> to the configuration data area if present
> (ND_CMD_{GET|SET}_CONFIG_DATA).
Technically, the kernel doesn't need to know the uuid in advance
as that is part of the bundle passed into the passthru.
Are you concerned about firmware mis-behaving when presented
with a (UUID, Function_Index) that is not supported?
(and really we should add Revision ID to that tuple.)
In a prior version of the patch not sent upstream, I did "discover" the
uuid and set up the dsm_mask. However, this created a need to modify
kernel each time uuid changes. Also, i don't think this is necessary
as FW should be gracefully validating its input arguments. By
not setting up/using dsm_mask in pass thru case, this can be tested.
I don't understand the exclusive access concern w/ config data.
Could you please elaborate?
>
> 3/ This is minor, but it follows from 1/ that there may be some nvdimm
> bus implementations that do not implement 'call_dsm' support.
> 'nfit_test' is currently one of those buses and we need to check for
> that explicitly in nd_ioctl.
>
> I have some patches in progress to address these.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-acpi" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
-----------------------------------------------------------------------------
Jerry Hoemann Software Engineer Hewlett Packard Enterprise
-----------------------------------------------------------------------------
WARNING: multiple messages have this Message-ID (diff)
From: Jerry Hoemann <jerry.hoemann@hpe.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: Ross Zwisler <ross.zwisler@linux.intel.com>,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
Len Brown <lenb@kernel.org>,
"Elliott, Robert (Persistent Memory)" <elliott@hpe.com>,
jmoyer <jmoyer@redhat.com>,
Dmitry Krivenok <krivenok.dmitry@gmail.com>,
Linda Knippers <linda.knippers@hpe.com>,
Robert Moore <robert.moore@intel.com>,
Lv Zheng <lv.zheng@intel.com>,
Rafael J Wysocki <rafael.j.wysocki@intel.com>,
"linux-nvdimm@lists.01.org" <linux-nvdimm@ml01.01.org>,
Linux ACPI <linux-acpi@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v5 0/6] nvdimm: Add an IOCTL pass thru for DSM calls
Date: Mon, 11 Jan 2016 18:32:59 -0700 [thread overview]
Message-ID: <20160112013259.GC79247@tevye.fc.hp.com> (raw)
In-Reply-To: <CAPcyv4h+R4Aa7Zu3qWfmWwk6SWt22wuOowJvtpFhVUCdamTWDA@mail.gmail.com>
On Sun, Jan 10, 2016 at 04:03:18PM -0800, Dan Williams wrote:
> On Wed, Jan 6, 2016 at 3:58 PM, Dan Williams <dan.j.williams@intel.com>wrote:
> > On Wed, Jan 6, 2016 at 3:03 PM, Jerry Hoemann <jerry.hoemann@hpe.com> wrote:
> [..]
> >> Jerry Hoemann (6):
> >> ACPI / util: Fix acpi_evaluate_dsm() argument type
> >> nvdimm: Clean-up access mode check.
> >> nvdimm: Add wrapper for IOCTL pass thru
> >> nvdimm: Fix security issue with DSM IOCTL.
> >> nvdimm: Increase max envelope size for IOCTL
> >> nvdimm: Add IOCTL pass thru functions
> >
> > These look good to me.
> >
> > I'll tag "nvdimm: Fix security issue with DSM IOCTL." for -stable.
> >
> > Thanks Jerry!
>
> I went to go write a test / support in ndctl for these and noticed a
> few things I want to address before merging.
>
> 1/ Advertise 'call_dsm' as a supported command alongside the others.
In sysfs? okay that makes sense.
>
> 2/ Disallow potentially invalid calls to reach firmware. At a minimum
> the kernel needs to know the uuid in advance for any dsm it wants to
> send. I.e. check the 'dsm_fun_idx' against the dsm_mask. This is
> also important for making sure the kernel can manage exclusive access
> to the configuration data area if present
> (ND_CMD_{GET|SET}_CONFIG_DATA).
Technically, the kernel doesn't need to know the uuid in advance
as that is part of the bundle passed into the passthru.
Are you concerned about firmware mis-behaving when presented
with a (UUID, Function_Index) that is not supported?
(and really we should add Revision ID to that tuple.)
In a prior version of the patch not sent upstream, I did "discover" the
uuid and set up the dsm_mask. However, this created a need to modify
kernel each time uuid changes. Also, i don't think this is necessary
as FW should be gracefully validating its input arguments. By
not setting up/using dsm_mask in pass thru case, this can be tested.
I don't understand the exclusive access concern w/ config data.
Could you please elaborate?
>
> 3/ This is minor, but it follows from 1/ that there may be some nvdimm
> bus implementations that do not implement 'call_dsm' support.
> 'nfit_test' is currently one of those buses and we need to check for
> that explicitly in nd_ioctl.
>
> I have some patches in progress to address these.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-acpi" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
-----------------------------------------------------------------------------
Jerry Hoemann Software Engineer Hewlett Packard Enterprise
-----------------------------------------------------------------------------
next prev parent reply other threads:[~2016-01-12 1:32 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-06 23:03 [PATCH v5 0/6] nvdimm: Add an IOCTL pass thru for DSM calls Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-06 23:03 ` [PATCH v5 1/6] ACPI / util: Fix acpi_evaluate_dsm() argument type Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-08 0:07 ` Rafael J. Wysocki
2016-01-08 0:07 ` Rafael J. Wysocki
2016-01-06 23:03 ` [PATCH v5 2/6] nvdimm: Clean-up access mode check Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-06 23:03 ` [PATCH v5 3/6] nvdimm: Add wrapper for IOCTL pass thru Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-06 23:03 ` [PATCH v5 4/6] nvdimm: Fix security issue with DSM IOCTL Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-06 23:03 ` [PATCH v5 5/6] nvdimm: Increase max envelope size for IOCTL Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-06 23:03 ` [PATCH v5 6/6] nvdimm: Add IOCTL pass thru functions Jerry Hoemann
2016-01-06 23:03 ` Jerry Hoemann
2016-01-06 23:58 ` [PATCH v5 0/6] nvdimm: Add an IOCTL pass thru for DSM calls Dan Williams
2016-01-06 23:58 ` Dan Williams
2016-01-11 0:03 ` Dan Williams
2016-01-11 0:03 ` Dan Williams
2016-01-12 1:32 ` Jerry Hoemann [this message]
2016-01-12 1:32 ` Jerry Hoemann
2016-01-12 18:55 ` Dan Williams
2016-01-12 18:55 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160112013259.GC79247@tevye.fc.hp.com \
--to=jerry.hoemann@hpe.com \
--cc=dan.j.williams@intel.com \
--cc=elliott@hpe.com \
--cc=jmoyer@redhat.com \
--cc=krivenok.dmitry@gmail.com \
--cc=lenb@kernel.org \
--cc=linda.knippers@hpe.com \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
--cc=lv.zheng@intel.com \
--cc=rafael.j.wysocki@intel.com \
--cc=rjw@rjwysocki.net \
--cc=robert.moore@intel.com \
--cc=ross.zwisler@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.