From: Michal Wajdeczko <michal.wajdeczko@intel.com>
To: Satyanarayana K V P <satyanarayana.k.v.p@intel.com>,
<intel-xe@lists.freedesktop.org>
Cc: "Rodrigo Vivi" <rodrigo.vivi@intel.com>,
"Piotr Piórkowski" <piotr.piorkowski@intel.com>,
"Matthew Brost" <matthew.brost@intel.com>,
"Thomas Hellström" <thomas.hellstrom@linux.intel.com>,
"Michał Winiarski" <michal.winiarski@intel.com>,
"Dunajski Bartosz" <bartosz.dunajski@intel.com>,
dri-devel@lists.freedesktop.org
Subject: Re: [RFC v4 1/1] drm/xe/pf: Restrict device query responses in admin-only PF mode
Date: Thu, 26 Feb 2026 22:32:48 +0100 [thread overview]
Message-ID: <1646e584-9900-4487-8063-5cc1db18870f@intel.com> (raw)
In-Reply-To: <20260226163104.3192618-4-satyanarayana.k.v.p@intel.com>
On 2/26/2026 5:31 PM, Satyanarayana K V P wrote:
> When the PF is configured for admin‑only mode, it is restricted to
> management functions and should not allow users to run workloads.
> Suppress device capabilities to userspace in admin-only PF mode.
>
> Signed-off-by: Satyanarayana K V P <satyanarayana.k.v.p@intel.com>
> Cc: Michal Wajdeczko <michal.wajdeczko@intel.com>
> Cc: Rodrigo Vivi <rodrigo.vivi@intel.com>
> Cc: Piotr Piórkowski <piotr.piorkowski@intel.com>
> Cc: Matthew Brost <matthew.brost@intel.com>
> Cc: Thomas Hellström <thomas.hellstrom@linux.intel.com>
> Cc: Michał Winiarski <michal.winiarski@intel.com>
> Cc: Dunajski Bartosz <bartosz.dunajski@intel.com>
> Cc: dri-devel@lists.freedesktop.org
>
> ---
> V3 -> V4:
> - Suppressed device capabilities in admin-only PF mode. (Wajdeczko)
>
> V2 -> V3:
> - Introduced new helper function xe_debugfs_create_files() to create
> debugfs entries based on admin_only_pf mode or normal mode.
>
> V1 -> V2:
> - Rebased to latest drm-tip.
> - Update update_minor_dev() to debugfs_minor_dev().
> ---
> drivers/gpu/drm/xe/xe_device.c | 14 ++++++++++++++
> drivers/gpu/drm/xe/xe_query.c | 11 ++++++++++-
> drivers/gpu/drm/xe/xe_sriov.h | 8 ++++++++
> 3 files changed, 32 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/xe/xe_device.c b/drivers/gpu/drm/xe/xe_device.c
> index 3462645ca13c..7bf462eed917 100644
> --- a/drivers/gpu/drm/xe/xe_device.c
> +++ b/drivers/gpu/drm/xe/xe_device.c
> @@ -25,6 +25,7 @@
> #include "regs/xe_regs.h"
> #include "xe_bo.h"
> #include "xe_bo_evict.h"
> +#include "xe_configfs.h"
> #include "xe_debugfs.h"
> #include "xe_defaults.h"
> #include "xe_devcoredump.h"
> @@ -213,6 +214,11 @@ static const struct drm_ioctl_desc xe_ioctls[] = {
> DRM_RENDER_ALLOW),
> };
>
> +static const struct drm_ioctl_desc xe_pf_admin_only_ioctls[] = {
> + DRM_IOCTL_DEF_DRV(XE_DEVICE_QUERY, xe_query_ioctl, DRM_RENDER_ALLOW),
> + DRM_IOCTL_DEF_DRV(XE_OBSERVATION, xe_observation_ioctl, DRM_RENDER_ALLOW),
> +};
> +
> static long xe_drm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
> {
> struct drm_file *file_priv = file->private_data;
> @@ -442,6 +448,14 @@ struct xe_device *xe_device_create(struct pci_dev *pdev,
> struct xe_device *xe;
> int err;
>
> + if (xe_configfs_admin_only_pf(pdev)) {
maybe we should add a note why we have to use configfs directly (and not
a helper introduced below)
> + driver.ioctls = xe_pf_admin_only_ioctls;
> + driver.num_ioctls = ARRAY_SIZE(xe_pf_admin_only_ioctls);
> + } else {
> + driver.ioctls = xe_ioctls;
> + driver.num_ioctls = ARRAY_SIZE(xe_ioctls);
> + }
you shouldn't modify this singleton "driver" as its pointer will be passed
to devm_drm_dev_alloc() and will be referenced later by the drm code and
in case of multiple devices, above overwrite will mess things up.
as suggested before, define separate "driver_admin_only_pf" struct
> +
> xe_display_driver_set_hooks(&driver);
>
> err = aperture_remove_conflicting_pci_devices(pdev, driver.name);
> diff --git a/drivers/gpu/drm/xe/xe_query.c b/drivers/gpu/drm/xe/xe_query.c
> index 34db266b723f..1416ab7be809 100644
> --- a/drivers/gpu/drm/xe/xe_query.c
> +++ b/drivers/gpu/drm/xe/xe_query.c
> @@ -215,7 +215,10 @@ static int query_engines(struct xe_device *xe,
> i++;
> }
>
> - engines->num_engines = i;
> + if (xe_device_is_admin_only(xe))
> + engines->num_engines = 0;
> + else
> + engines->num_engines = i;
shouldn't you also modify calc_hw_engine_info_size() and then skip
buffer setup?
>
> if (copy_to_user(query_ptr, engines, size)) {
> kfree(engines);
> @@ -297,6 +300,9 @@ static int query_mem_regions(struct xe_device *xe,
> }
> }
>
> + if (xe_device_is_admin_only(xe))
> + mem_regions->num_mem_regions = 0;
> +
same here
> if (!copy_to_user(query_ptr, mem_regions, size))
> ret = 0;
> else
> @@ -419,6 +425,9 @@ static int query_gt_list(struct xe_device *xe, struct drm_xe_device_query *query
> iter++;
> }
>
> + if (xe_device_is_admin_only(xe))
> + gt_list->num_gt = 0;
> +
and here
> if (copy_to_user(query_ptr, gt_list, size)) {
> kfree(gt_list);
> return -EFAULT;
and what about query_config() ?
> diff --git a/drivers/gpu/drm/xe/xe_sriov.h b/drivers/gpu/drm/xe/xe_sriov.h
> index 72e55543c30e..be426afa90b1 100644
> --- a/drivers/gpu/drm/xe/xe_sriov.h
> +++ b/drivers/gpu/drm/xe/xe_sriov.h
> @@ -37,6 +37,14 @@ static inline bool xe_device_is_sriov_vf(const struct xe_device *xe)
> return xe_device_sriov_mode(xe) == XE_SRIOV_MODE_VF;
> }
>
> +static inline bool xe_device_is_admin_only(const struct xe_device *xe)
rather:
xe_device_is_admin_only_pf()
> +{
> + if (xe_device_is_sriov_pf(xe) && xe->sriov.pf.admin_only)
> + return true;
> + else
> + return false;
just:
return xe_device_is_sriov_pf(xe) && xe->sriov.pf.admin_only;
> +}
> +
> #define IS_SRIOV_PF(xe) xe_device_is_sriov_pf(xe)
> #define IS_SRIOV_VF(xe) xe_device_is_sriov_vf(xe)
>
btw, we may also want to double check that setting from configfs was valid
(we are really running on the PF device) and abort probe if not
next prev parent reply other threads:[~2026-02-26 21:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-26 16:31 [RFC v4 0/1] Do not create drm device for PF only admin mode Satyanarayana K V P
2026-02-26 16:31 ` [RFC v4 1/1] drm/xe/pf: Restrict device query responses in admin-only PF mode Satyanarayana K V P
2026-02-26 18:47 ` Matthew Brost
2026-02-26 18:54 ` Matthew Brost
2026-02-26 21:32 ` Michal Wajdeczko [this message]
2026-02-26 16:38 ` ✓ CI.KUnit: success for Do not create drm device for PF only admin mode (rev3) Patchwork
2026-02-26 17:18 ` ✓ Xe.CI.BAT: " Patchwork
2026-02-26 18:44 ` ✗ Xe.CI.FULL: failure " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1646e584-9900-4487-8063-5cc1db18870f@intel.com \
--to=michal.wajdeczko@intel.com \
--cc=bartosz.dunajski@intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-xe@lists.freedesktop.org \
--cc=matthew.brost@intel.com \
--cc=michal.winiarski@intel.com \
--cc=piotr.piorkowski@intel.com \
--cc=rodrigo.vivi@intel.com \
--cc=satyanarayana.k.v.p@intel.com \
--cc=thomas.hellstrom@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox