From: Rajat Jain <rajatja@google.com>
To: Rob Herring <robh+dt@kernel.org>,
"Rafael J. Wysocki" <rafael@kernel.org>,
Len Brown <lenb@kernel.org>,
linux-pci@vger.kernel.org, devicetree@vger.kernel.org,
Mika Westerberg <mika.westerberg@linux.intel.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Bjorn Helgaas <helgaas@kernel.org>,
Bjorn Helgaas <bhelgaas@google.com>,
ACPI Devel Maling List <linux-acpi@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Rajat Jain <rajatxjain@gmail.com>,
Dmitry Torokhov <dtor@google.com>,
Jesse Barnes <jsbarnes@google.com>,
Jean-Philippe Brucker <jean-philippe@linaro.org>,
Pavel Machek <pavel@denx.de>,
"Oliver O'Halloran" <oohall@gmail.com>,
Joerg Roedel <joro@8bytes.org>
Cc: Rajat Jain <rajatja@google.com>
Subject: [PATCH v2 1/2] PCI: Allow internal devices to be marked as untrusted
Date: Tue, 1 Feb 2022 18:01:02 -0800 [thread overview]
Message-ID: <20220202020103.2149130-1-rajatja@google.com> (raw)
Today the pci_dev->untrusted is set for any devices sitting downstream
an external facing port (determined via "ExternalFacingPort" or the
"external-facing" properties).
However, currently there is no way for internal devices to be marked as
untrusted.
There are use-cases though, where a platform would like to treat an
internal device as untrusted (perhaps because it runs untrusted firmware
or offers an attack surface by handling untrusted network data etc).
Introduce a new "UntrustedDevice" property that can be used by the
firmware to mark any device as untrusted.
Signed-off-by: Rajat Jain <rajatja@google.com>
---
v2: * Also use the same property for device tree based systems.
* Add documentation (next patch)
drivers/pci/of.c | 2 ++
drivers/pci/pci-acpi.c | 1 +
drivers/pci/pci.c | 9 +++++++++
drivers/pci/pci.h | 2 ++
4 files changed, 14 insertions(+)
diff --git a/drivers/pci/of.c b/drivers/pci/of.c
index cb2e8351c2cc..e8b804664b69 100644
--- a/drivers/pci/of.c
+++ b/drivers/pci/of.c
@@ -24,6 +24,8 @@ void pci_set_of_node(struct pci_dev *dev)
dev->devfn);
if (dev->dev.of_node)
dev->dev.fwnode = &dev->dev.of_node->fwnode;
+
+ pci_set_untrusted(dev);
}
void pci_release_of_node(struct pci_dev *dev)
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index a42dbf448860..2bffbd5c6114 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -1356,6 +1356,7 @@ void pci_acpi_setup(struct device *dev, struct acpi_device *adev)
pci_acpi_optimize_delay(pci_dev, adev->handle);
pci_acpi_set_external_facing(pci_dev);
+ pci_set_untrusted(pci_dev);
pci_acpi_add_edr_notifier(pci_dev);
pci_acpi_add_pm_notifier(adev, pci_dev);
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index 9ecce435fb3f..41e887c27004 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -6869,3 +6869,12 @@ static int __init pci_realloc_setup_params(void)
return 0;
}
pure_initcall(pci_realloc_setup_params);
+
+void pci_set_untrusted(struct pci_dev *pdev)
+{
+ u8 val;
+
+ if (!device_property_read_u8(&pdev->dev, "UntrustedDevice", &val)
+ && val)
+ pdev->untrusted = 1;
+}
diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h
index 3d60cabde1a1..6c273ce5e0ba 100644
--- a/drivers/pci/pci.h
+++ b/drivers/pci/pci.h
@@ -761,4 +761,6 @@ static inline pci_power_t mid_pci_get_power_state(struct pci_dev *pdev)
}
#endif
+void pci_set_untrusted(struct pci_dev *pdev);
+
#endif /* DRIVERS_PCI_H */
--
2.35.0.rc2.247.g8bbb082509-goog
next reply other threads:[~2022-02-02 2:01 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-02 2:01 Rajat Jain [this message]
2022-02-02 2:01 ` [PATCH v2 2/2] dt-bindings: Document "UntrustedDevice" property for PCI devices Rajat Jain
2022-02-09 21:57 ` Rob Herring
2022-02-09 0:23 ` [PATCH v2 1/2] PCI: Allow internal devices to be marked as untrusted Rajat Jain
2022-02-09 5:46 ` Greg Kroah-Hartman
2022-02-09 18:39 ` Bjorn Helgaas
2022-02-09 18:49 ` Rafael J. Wysocki
2022-02-09 22:00 ` Rajat Jain
2022-02-10 7:53 ` Greg Kroah-Hartman
2022-02-09 19:11 ` Rafael J. Wysocki
2022-02-09 19:18 ` Rafael J. Wysocki
2022-02-09 22:03 ` Rajat Jain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220202020103.2149130-1-rajatja@google.com \
--to=rajatja@google.com \
--cc=bhelgaas@google.com \
--cc=devicetree@vger.kernel.org \
--cc=dtor@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=helgaas@kernel.org \
--cc=jean-philippe@linaro.org \
--cc=joro@8bytes.org \
--cc=jsbarnes@google.com \
--cc=lenb@kernel.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=mika.westerberg@linux.intel.com \
--cc=oohall@gmail.com \
--cc=pavel@denx.de \
--cc=rafael@kernel.org \
--cc=rajatxjain@gmail.com \
--cc=robh+dt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.