From: Leon Romanovsky <leon@kernel.org>
To: Bjorn Helgaas <helgaas@kernel.org>
Cc: "Jean Delvare" <jdelvare@suse.de>,
"Krzysztof Wilczyński" <kw@linux.com>,
linux-pci@vger.kernel.org, "Ariel Almog" <ariela@nvidia.com>,
"Aditya Prabhune" <aprabhune@nvidia.com>,
"Hannes Reinecke" <hare@suse.de>,
"Heiner Kallweit" <hkallweit1@gmail.com>,
"Arun Easi" <aeasi@marvell.com>,
"Jonathan Chocron" <jonnyc@amazon.com>,
"Bert Kenward" <bkenward@solarflare.com>,
"Matt Carlson" <mcarlson@broadcom.com>,
"Kai-Heng Feng" <kai.heng.feng@canonical.com>,
"Alex Williamson" <alex.williamson@redhat.com>,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
"Jakub Kicinski" <kuba@kernel.org>,
"Thomas Weißschuh" <linux@weissschuh.net>,
"Stephen Hemminger" <stephen@networkplumber.org>
Subject: Re: [PATCH v2] PCI/sysfs: Change read permissions for VPD attributes
Date: Fri, 22 Nov 2024 21:43:06 +0200 [thread overview]
Message-ID: <20241122194306.GC160612@unreal> (raw)
In-Reply-To: <20241121224142.GA2401143@bhelgaas>
On Thu, Nov 21, 2024 at 04:41:42PM -0600, Bjorn Helgaas wrote:
> On Thu, Nov 21, 2024 at 02:13:01PM +0200, Leon Romanovsky wrote:
> > On Thu, Nov 21, 2024 at 01:01:27PM +0100, Jean Delvare wrote:
> > > On Wed, 13 Nov 2024 14:59:58 +0200, Leon Romanovsky wrote:
> > > > --- a/drivers/pci/vpd.c
> > > > +++ b/drivers/pci/vpd.c
> > > > @@ -332,6 +332,14 @@ static umode_t vpd_attr_is_visible(struct kobject *kobj,
> > > > if (!pdev->vpd.cap)
> > > > return 0;
> > > >
> > > > + /*
> > > > + * Mellanox devices have implementation that allows VPD read by
> > > > + * unprivileged users, so just add needed bits to allow read.
> > > > + */
> > > > + WARN_ON_ONCE(a->attr.mode != 0600);
> > > > + if (unlikely(pdev->vendor == PCI_VENDOR_ID_MELLANOX))
> > > > + return a->attr.mode + 0044;
> > ...
>
> > I still didn't lost hope that at some point VPD will be open for read to
> > all kernel devices.
> >
> > Bjorn, are you ok with this patch? If yes, I'll resend the patch with
> > the suggested change after the merge window.
>
> Reading VPD is a fairly complicated dance that only works if the VPD
> data is well-formatted, and the benefit of unprivileged access seems
> pretty small, so the risk/reward tradeoff for making it unprivileged
> for all devices doesn't seem favorable in my mind.
>
> This quirk seems like the least bad option, so I guess I'm ok with it.
Thanks a lot.
>
> Bjorn
prev parent reply other threads:[~2024-11-22 19:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-13 12:59 [PATCH v2] PCI/sysfs: Change read permissions for VPD attributes Leon Romanovsky
2024-11-21 12:01 ` Jean Delvare
2024-11-21 12:13 ` Leon Romanovsky
2024-11-21 14:11 ` Jean Delvare
2024-11-21 17:00 ` Leon Romanovsky
2024-11-21 22:41 ` Bjorn Helgaas
2024-11-22 19:43 ` Leon Romanovsky [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241122194306.GC160612@unreal \
--to=leon@kernel.org \
--cc=aeasi@marvell.com \
--cc=alex.williamson@redhat.com \
--cc=aprabhune@nvidia.com \
--cc=ariela@nvidia.com \
--cc=bkenward@solarflare.com \
--cc=hare@suse.de \
--cc=helgaas@kernel.org \
--cc=hkallweit1@gmail.com \
--cc=jdelvare@suse.de \
--cc=jonnyc@amazon.com \
--cc=kai.heng.feng@canonical.com \
--cc=kuba@kernel.org \
--cc=kw@linux.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linux@weissschuh.net \
--cc=mcarlson@broadcom.com \
--cc=netdev@vger.kernel.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.