From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <intel-xe-bounces@lists.freedesktop.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 2D718CD5BAB
	for <intel-xe@archiver.kernel.org>; Thu, 21 May 2026 23:35:29 +0000 (UTC)
Received: from gabe.freedesktop.org (localhost [127.0.0.1])
	by gabe.freedesktop.org (Postfix) with ESMTP id DDF7610F445;
	Thu, 21 May 2026 23:35:28 +0000 (UTC)
Authentication-Results: gabe.freedesktop.org;
	dkim=pass (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.b="ODj16dSR";
	dkim-atps=neutral
Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.8])
 by gabe.freedesktop.org (Postfix) with ESMTPS id B0A6B10F445
 for <intel-xe@lists.freedesktop.org>; Thu, 21 May 2026 23:35:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1779406528; x=1810942528;
 h=date:message-id:from:to:cc:subject:in-reply-to:
 references:mime-version;
 bh=fdTUgFHl3pGdS9gktrJCrSq3WkBHRIR4BKT5FKUeYJQ=;
 b=ODj16dSRg7LCNgYtcWlIM0NqvXMSLLSSrMz9t5Vk0XDpDE26L9fKAOnE
 chLYrIc3+gyy4py2ga6Mkp8i2zs9FCMHrDsV80bhMipBY1QR5KvF+b13k
 ygZ/2mDLIwvXF50VNzuKQayujVGcOaKcRzDdSnzrkGayJmo/SA8ZNMQPk
 ptInVERHYUvzb0BPYwhz0XwWsiOsxXCI5zsoyogdIjQdkndZbXvgD5HrK
 Q/neBPtno4IqDgZwYBnjkb/bneQudRRh5uUWPzgY+fStPh36gs3WstTBq
 6okM2qMZrzraJPzJNELBBePhPWijPF8VMxLvx+KewNsGmykBZumMAZL6i Q==;
X-CSE-ConnectionGUID: DSLWuYvrQmKE9UJTScnUlA==
X-CSE-MsgGUID: dLaG6kp3QQeX3FrNQbkp6Q==
X-IronPort-AV: E=McAfee;i="6800,10657,11793"; a="97911815"
X-IronPort-AV: E=Sophos;i="6.24,161,1774335600"; d="scan'208";a="97911815"
Received: from fmviesa008.fm.intel.com ([10.60.135.148])
 by fmvoesa102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 21 May 2026 16:35:28 -0700
X-CSE-ConnectionGUID: HxIp+AkrTNGWeTUGJ77Q9A==
X-CSE-MsgGUID: 6Q0NoT1NRUSY3oLAxdUnrg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.24,161,1774335600"; d="scan'208";a="238092371"
Received: from fmjohns-mobl1.amr.corp.intel.com (HELO adixit-MOBL3.intel.com)
 ([10.125.24.143])
 by fmviesa008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 21 May 2026 16:35:27 -0700
Date: Thu, 21 May 2026 16:35:25 -0700
Message-ID: <878q9cwd36.wl-ashutosh.dixit@intel.com>
From: "Dixit, Ashutosh" <ashutosh.dixit@intel.com>
To: Umesh Nerlige Ramappa <umesh.nerlige.ramappa@intel.com>
Cc: <intel-xe@lists.freedesktop.org>
Subject: Re: [PATCH 1/9] drm/xe/rtp: Add RING_FORCE_TO_NONPRIV_DENY to OA
 whitelists
In-Reply-To: <ag+R6ndpufdiwMej@soc-5CG1426VCC.clients.intel.com>
References: <20260518234716.1540123-1-ashutosh.dixit@intel.com>	<20260518234716.1540123-2-ashutosh.dixit@intel.com>	<ag+R6ndpufdiwMej@soc-5CG1426VCC.clients.intel.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue)
 FLIM-LB/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL-LB/10.8 EasyPG/1.0.0
 Emacs/30.2 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
X-BeenThere: intel-xe@lists.freedesktop.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Intel Xe graphics driver <intel-xe.lists.freedesktop.org>
List-Unsubscribe: <https://lists.freedesktop.org/mailman/options/intel-xe>,
 <mailto:intel-xe-request@lists.freedesktop.org?subject=unsubscribe>
List-Archive: <https://lists.freedesktop.org/archives/intel-xe>
List-Post: <mailto:intel-xe@lists.freedesktop.org>
List-Help: <mailto:intel-xe-request@lists.freedesktop.org?subject=help>
List-Subscribe: <https://lists.freedesktop.org/mailman/listinfo/intel-xe>,
 <mailto:intel-xe-request@lists.freedesktop.org?subject=subscribe>
Errors-To: intel-xe-bounces@lists.freedesktop.org
Sender: "Intel-xe" <intel-xe-bounces@lists.freedesktop.org>

On Thu, 21 May 2026 16:14:50 -0700, Umesh Nerlige Ramappa wrote:
>
> On Mon, May 18, 2026 at 04:47:08PM -0700, Ashutosh Dixit wrote:
> > Unconditionally whitelisting OA registers is a security violation. Set
> > RING_FORCE_TO_NONPRIV_DENY bit in OA nonpriv slots, so that OA registers
> > don't get whitelisted by default after probe/reset/restart.
> >
> > Signed-off-by: Ashutosh Dixit <ashutosh.dixit@intel.com>
> > ---
> > drivers/gpu/drm/xe/xe_reg_whitelist.c | 7 ++++---
> > 1 file changed, 4 insertions(+), 3 deletions(-)
> >
> > diff --git a/drivers/gpu/drm/xe/xe_reg_whitelist.c b/drivers/gpu/drm/xe/xe_reg_whitelist.c
> > index fb65940848d7a..d6a5d499373bc 100644
> > --- a/drivers/gpu/drm/xe/xe_reg_whitelist.c
> > +++ b/drivers/gpu/drm/xe/xe_reg_whitelist.c
> > @@ -105,9 +105,10 @@ static const struct xe_rtp_entry_sr register_whitelist[] = {
> >	},
> >
> > #define WHITELIST_OA_MMIO_TRG(trg, status, head) \
> > -	WHITELIST(trg, RING_FORCE_TO_NONPRIV_ACCESS_RW), \
> > -	WHITELIST(status, RING_FORCE_TO_NONPRIV_ACCESS_RD), \
> > -	WHITELIST(head, RING_FORCE_TO_NONPRIV_ACCESS_RD | RING_FORCE_TO_NONPRIV_RANGE_4)
> > +	WHITELIST(trg, RING_FORCE_TO_NONPRIV_ACCESS_RW | RING_FORCE_TO_NONPRIV_DENY), \
> > +	WHITELIST(status, RING_FORCE_TO_NONPRIV_ACCESS_RD | RING_FORCE_TO_NONPRIV_DENY), \
> > +	WHITELIST(head, RING_FORCE_TO_NONPRIV_ACCESS_RD | RING_FORCE_TO_NONPRIV_RANGE_4 | \
> > +		  RING_FORCE_TO_NONPRIV_DENY)
>
> status and head should be clubbed into one slot, starting with status and
> RANGE_4. Maybe that can be a patch before this one.

No, e.g. for OAG, status is 0xdafc which is not a multiple of 16, which is
a requirement for RANGE_4.

Also, about RANGE_4 above, there were different suggestions, e.g. tail and
oabuffer should be different slots, rather than grouping in a single
RANGE_4 above. To avoid any such controversy, I decided to focus this
series only on removing unconditional whitelisting for OA registers. Any
other changes, such as removing or retaining RANGE_4, we can do after this
series is reviewed/merged.

Thanks.
--
Ashutosh

> > #define WHITELIST_OAG_MMIO_TRG \
> >	WHITELIST_OA_MMIO_TRG(OAG_MMIOTRIGGER, OAG_OASTATUS, OAG_OAHEADPTR)
> > --
> > 2.54.0
> >