From: "Dixit, Ashutosh" <ashutosh.dixit@intel.com>
To: Umesh Nerlige Ramappa <umesh.nerlige.ramappa@intel.com>
Cc: <intel-xe@lists.freedesktop.org>
Subject: Re: [PATCH 1/9] drm/xe/rtp: Add RING_FORCE_TO_NONPRIV_DENY to OA whitelists
Date: Thu, 21 May 2026 16:35:25 -0700 [thread overview]
Message-ID: <878q9cwd36.wl-ashutosh.dixit@intel.com> (raw)
In-Reply-To: <ag+R6ndpufdiwMej@soc-5CG1426VCC.clients.intel.com>
On Thu, 21 May 2026 16:14:50 -0700, Umesh Nerlige Ramappa wrote:
>
> On Mon, May 18, 2026 at 04:47:08PM -0700, Ashutosh Dixit wrote:
> > Unconditionally whitelisting OA registers is a security violation. Set
> > RING_FORCE_TO_NONPRIV_DENY bit in OA nonpriv slots, so that OA registers
> > don't get whitelisted by default after probe/reset/restart.
> >
> > Signed-off-by: Ashutosh Dixit <ashutosh.dixit@intel.com>
> > ---
> > drivers/gpu/drm/xe/xe_reg_whitelist.c | 7 ++++---
> > 1 file changed, 4 insertions(+), 3 deletions(-)
> >
> > diff --git a/drivers/gpu/drm/xe/xe_reg_whitelist.c b/drivers/gpu/drm/xe/xe_reg_whitelist.c
> > index fb65940848d7a..d6a5d499373bc 100644
> > --- a/drivers/gpu/drm/xe/xe_reg_whitelist.c
> > +++ b/drivers/gpu/drm/xe/xe_reg_whitelist.c
> > @@ -105,9 +105,10 @@ static const struct xe_rtp_entry_sr register_whitelist[] = {
> > },
> >
> > #define WHITELIST_OA_MMIO_TRG(trg, status, head) \
> > - WHITELIST(trg, RING_FORCE_TO_NONPRIV_ACCESS_RW), \
> > - WHITELIST(status, RING_FORCE_TO_NONPRIV_ACCESS_RD), \
> > - WHITELIST(head, RING_FORCE_TO_NONPRIV_ACCESS_RD | RING_FORCE_TO_NONPRIV_RANGE_4)
> > + WHITELIST(trg, RING_FORCE_TO_NONPRIV_ACCESS_RW | RING_FORCE_TO_NONPRIV_DENY), \
> > + WHITELIST(status, RING_FORCE_TO_NONPRIV_ACCESS_RD | RING_FORCE_TO_NONPRIV_DENY), \
> > + WHITELIST(head, RING_FORCE_TO_NONPRIV_ACCESS_RD | RING_FORCE_TO_NONPRIV_RANGE_4 | \
> > + RING_FORCE_TO_NONPRIV_DENY)
>
> status and head should be clubbed into one slot, starting with status and
> RANGE_4. Maybe that can be a patch before this one.
No, e.g. for OAG, status is 0xdafc which is not a multiple of 16, which is
a requirement for RANGE_4.
Also, about RANGE_4 above, there were different suggestions, e.g. tail and
oabuffer should be different slots, rather than grouping in a single
RANGE_4 above. To avoid any such controversy, I decided to focus this
series only on removing unconditional whitelisting for OA registers. Any
other changes, such as removing or retaining RANGE_4, we can do after this
series is reviewed/merged.
Thanks.
--
Ashutosh
> > #define WHITELIST_OAG_MMIO_TRG \
> > WHITELIST_OA_MMIO_TRG(OAG_MMIOTRIGGER, OAG_OASTATUS, OAG_OAHEADPTR)
> > --
> > 2.54.0
> >
next prev parent reply other threads:[~2026-05-21 23:35 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-18 23:47 [PATCH 0/9] Don't whitelist OA registers unconditionally Ashutosh Dixit
2026-05-18 23:47 ` [PATCH 1/9] drm/xe/rtp: Add RING_FORCE_TO_NONPRIV_DENY to OA whitelists Ashutosh Dixit
2026-05-21 23:14 ` Umesh Nerlige Ramappa
2026-05-21 23:35 ` Dixit, Ashutosh [this message]
2026-05-26 19:12 ` Umesh Nerlige Ramappa
2026-05-27 20:03 ` Umesh Nerlige Ramappa
2026-05-29 19:12 ` Dixit, Ashutosh
2026-05-18 23:47 ` [PATCH 2/9] drm/xe/rtp: Maintain OA whitelists separately Ashutosh Dixit
2026-05-29 18:31 ` Umesh Nerlige Ramappa
2026-05-18 23:47 ` [PATCH 3/9] drm/xe/rtp: Keep track of non-OA nonpriv slots Ashutosh Dixit
2026-05-29 18:30 ` Umesh Nerlige Ramappa
2026-05-29 20:45 ` Dixit, Ashutosh
2026-05-29 23:24 ` Umesh Nerlige Ramappa
2026-05-30 1:51 ` Dixit, Ashutosh
2026-05-18 23:47 ` [PATCH 4/9] drm/xe/rtp: Generalize whitelist_apply_to_hwe Ashutosh Dixit
2026-05-18 23:47 ` [PATCH 5/9] drm/xe/rtp: Save OA nonpriv registers to register save/restore lists Ashutosh Dixit
2026-05-27 22:00 ` Umesh Nerlige Ramappa
2026-05-29 20:45 ` Dixit, Ashutosh
2026-05-18 23:47 ` [PATCH 6/9] drm/xe/rtp: Toggle 'deny' bit to (de-)whitelist OA regs Ashutosh Dixit
2026-05-29 18:33 ` Umesh Nerlige Ramappa
2026-05-18 23:47 ` [PATCH 7/9] drm/xe/rtp: (De-)whitelist OA registers for all hwe's for a gt Ashutosh Dixit
2026-05-27 21:49 ` Umesh Nerlige Ramappa
2026-05-29 23:03 ` Dixit, Ashutosh
2026-06-02 22:47 ` Umesh Nerlige Ramappa
2026-06-03 18:49 ` Dixit, Ashutosh
2026-05-18 23:47 ` [PATCH 8/9] drm/xe/oa: (De-)whitelist OA registers on OA stream open/release Ashutosh Dixit
2026-05-29 18:35 ` Umesh Nerlige Ramappa
2026-05-18 23:47 ` [PATCH 9/9] drm/xe/rtp: Ensure locking/ref counting for OA whitelists Ashutosh Dixit
2026-05-27 20:04 ` Umesh Nerlige Ramappa
2026-06-01 23:30 ` Dixit, Ashutosh
2026-05-18 23:54 ` ✓ CI.KUnit: success for Don't whitelist OA registers unconditionally Patchwork
2026-05-19 1:05 ` ✓ Xe.CI.BAT: " Patchwork
2026-05-19 8:32 ` ✗ Xe.CI.FULL: failure " Patchwork
2026-05-27 19:53 ` [PATCH 0/9] " Demi Marie Obenour
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=878q9cwd36.wl-ashutosh.dixit@intel.com \
--to=ashutosh.dixit@intel.com \
--cc=intel-xe@lists.freedesktop.org \
--cc=umesh.nerlige.ramappa@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.